MCL/sf/os/networkingsrv: networksecurity/ipsec/ipsec6/src/sc

20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1	// Copyright (c) 2006-2010 Nokia Corporation and/or its subsidiary(-ies).
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2	// All rights reserved.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	3	// This component and the accompanying materials are made available
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	4	// under the terms of "Eclipse Public License v1.0"
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	5	// which accompanies this distribution, and is available
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	6	// at the URL "http://www.eclipse.org/legal/epl-v10.html".
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	7	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	8	// Initial Contributors:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	9	// Nokia Corporation - initial contribution.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	10	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	11	// Contributors:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	12	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	13	// Description:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	14	// sc_prt.cpp - IPv6/IPv4 security check protocol
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	15	// An instance of a procotol that hooks into IP protocol instance,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	16	// performing IPSEC checking and processing to packets.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	17	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	18
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	19	#include <featdiscovery.h>
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	20	#include <featureuids.h>
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	21
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	22	#include <posthook.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	23	#include <icmp6_hdr.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	24	#include <udp_hdr.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	25	#include <in_pkt.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	26	#include <ext_hdr.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	27	#include <in6_opt.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	28	#include <in6_event.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	29	#include <es_prot_internal.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	30
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	31	#include "ipsec.h"
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	32	#include "sc.h"
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	33	#include "epdb.h"
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	34	#include "spdb.h"
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	35	#include "sadb.h"
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	36	#include <networking/ipsecerr.h>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	37	#include "ipseclog.h"
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	38	#include "tunlintunl.h"
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	39
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	40	const TIp6Addr KOuterIsInner = {{{0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff}}};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	41
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	42	class CProtocolIpsec;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	43	class CIpsecHook;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	44
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	45	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	46	* Mobility Protocol id.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	47	* (this should be in insock.h?)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	48	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	49	const TUint KProtocolInetMh = 135;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	50	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	51	* SCTP Protocol id
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	52	* (this should be in insock.h?)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	53	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	54	const TUint KProtocolInetSctp = 132;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	55
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	56	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	57	* Max number of nested IPSEC.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	58	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	59	const int KIpsecMaxNesting = 10;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	60
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	61	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	62	* Max number of fragment bookkeeping records.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	63	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	64	const TInt KIpsecMaxFragmentInfo = 10;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	65
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	66	class RHookSA : public RSecurityAssociation
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	67	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	68	* Security association handle.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	69	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	70	* Extends the RSecurityAssociation handle to include a back link
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	71	* to the CIpsecHook which actually contains the RHookSA
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	72	* (for outbound processing)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	73	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	74	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	75	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	76	static void Callback(RSecurityAssociation &aAssociation);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	77
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	78	RHookSA(CFlowContext &aFlow, CPolicyAction *const aItem);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	79	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	80	* The last state of the association.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	81	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	82	* iState is mainly used to detect whether initial
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	83	* acquire failed, when SA dies. If PENDING at DEAD,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	84	* then SA died before ever becoming ready,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	85	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	86	TInt iState;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	87	CPolicyAction *const iItem;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	88	private:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	89	CFlowContext &iFlow; // ..to change the flow state when SA state changes (see CallBack)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	90	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	91
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	92	class TUpperLayerSnoop
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	93	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	94	* A snooping class.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	95	* A simple class to access the first 4 bytes of the packet.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	96	* This is used to snoop the upper layer information.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	97	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	98	* Thus max "port offset" = 2 (because port is 16 bits),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	99	* and max "type/code offset = 3.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	100	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	101	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	102	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	103	// Basic
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	104	inline static TInt MinHeaderLength() {return 4; }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	105	inline static TInt MaxHeaderLength() {return 4; }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	106	// Access values
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	107	inline TUint16 Port(TUint8 aOff) const { return (i[aOff] << 8) + i[aOff+1]; }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	108	inline TUint8 Byte(TUint8 aOff) const { return i[aOff]; }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	109	private:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	110	TUint8 i[4];
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	111	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	112
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	113	class TSnoopHeader
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	114	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	115	* Describes the positions of the port/type/code information in a protocol headers.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	116	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	117	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	118	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	119	TUint8 iProtocol; //< 0..255
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	120	TUint8 iSelector; //< 0..3 (ports, localport, type+code, type)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	121	TUint8 iO1; //< Offset of the source port [0..2] or type [0..3]),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	122	TUint8 iO2; //< Offset of the destination port [0..2] or code [0..3])
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	123	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	124
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	125	const TUint KLoadPorts = 0; //< Load local and remote port
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	126	const TUint KLoadLocal = 1; //< Load local port only
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	127	const TUint KLoadType = 2; //< Load Type only (into local port as 'type << 8')
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	128	const TUint KLoadBoth = 3; //< Load Type and code (into local port as 'type << 8 \| code')
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	129
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	130	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	131	* The list of currently known protocols.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	132	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	133	* This table defines the "known protocols" for IPsec, and this must be updated
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	134	* if some new protocol uses ports or type/code system, and which needs to
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	135	* selected in IPsec selectors.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	136	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	137	static const TSnoopHeader snooper[] =
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	138	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	139	{ KProtocolInetUdp, KLoadPorts, 0, 2 }, // UDP uses src and dst port
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	140	{ KProtocolInetTcp, KLoadPorts, 0, 2 }, // TCP uses src and dst port
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	141	{ KProtocolInetIcmp, KLoadBoth, 0, 1 }, // ICMPv4 uses type and code
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	142	{ KProtocolInet6Icmp, KLoadBoth, 0, 1 }, // ICMPv6 uses type and code
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	143	{ KProtocolInetMh, KLoadType, 2, 0 }, // Mobile IPv6 uses type
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	144	{ KProtocolInetSctp, KLoadPorts, 0, 2 } // SCTP uses src and dst port
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	145	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	146	static const TSnoopHeader *const snooper_end = &snooper[sizeof(snooper)/sizeof(snooper[0])];
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	147
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	148
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	149	class CIpsecHook : public CIpsecReferenceCountObject, public MFlowHook
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	150	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	151	* The MFlowHook for outbound IPsec processing.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	152	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	153	* An instance of this class is attached to the flows for which
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	154	* IPsec processing is required.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	155	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	156	* The allocation size of this object is variable and it depends
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	157	* the required IPsec processing. The variable length information
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	158	* is at the end of fixed member variables consists of two
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	159	* arrays of structures as follows:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	160	* @code
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	161	* RHookSA[iCount] // The handles for IPsec associations
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	162	* RIpAdddress[iTunnels] // The src addresses of the tunnels (if iTunnels > 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	163	* @endcode
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	164	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	165	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	166	private:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	167	CIpsecHook(
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	168	MAssociationManager &aMgr,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	169	CFlowContext &aFlow,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	170	const RPolicySelectorInfo &aInfo,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	171	const TInt aCount,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	172	const TInt aTunnels);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	173	~CIpsecHook();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	174
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	175	RHookSA &Assoc(TInt aIndex) const
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	176	{ return ((RHookSA )(((char )this) + sizeof(*this)))[aIndex]; }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	177	RIpAddress &Tunnel(TInt aIndex) const
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	178	{ return ((RIpAddress *)&Assoc(iCount))[aIndex]; }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	179
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	180	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	181	// for CProtocolSecpol
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	182	static CIpsecHook *NewL(
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	183	MAssociationManager &aMgr,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	184	CFlowContext &aFlow,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	185	const RPolicySelectorInfo &aInfo,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	186	TInt aCount, CPolicyAction **aItems,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	187	TInt aTunnels, const RIpAddress *aSrc);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	188
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	189	// MFlowHook
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	190	void Open();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	191	TInt ReadyL(TPacketHead &aHead);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	192	TInt ApplyL(RMBufSendPacket &aPacket, RMBufSendInfo &aInfo);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	193	void Close();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	194
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	195	private:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	196	// The internal state information
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	197
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	198	MAssociationManager &iMgr; //< The association manager.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	199	CFlowContext &iFlow; //< The associated flow
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	200	RPolicySelectorInfo iInfo; //< The selector information extracted at OpenL
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	201	const TUint8 iCount; //< Number of IPSEC actions (usually SA) to apply
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	202	const TUint8 iTunnels; //< ..and how many of them include tunnel action
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	203
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	204	// Followed by arrays of
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	205	// - RHookSA[iCount]
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	206	// - RIpAdddress[iTunnels]
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	207	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	208
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	209
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	210
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	211	RHookSA::RHookSA(CFlowContext &aFlow, CPolicyAction *const aItem) : iItem(aItem), iFlow(aFlow)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	212	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	213	* Constructor.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	214	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	215	* @param aFlow The flow.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	216	* @param aItem The action
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	217	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	218	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	219	iState = EFlow_PENDING;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	220	RSecurityAssociation::Init(Callback);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	221	aItem->Open();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	222	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	223
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	224	void RHookSA::Callback(RSecurityAssociation &aAssociation)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	225	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	226	* Association has changed state.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	227	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	228	* @param aAssociation The handle.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	229	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	230	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	231	const RHookSA &assoc = (RHookSA &)aAssociation;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	232
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	233	switch (assoc.Status())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	234	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	235	case SADB_SASTATE_MATURE:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	236	case SADB_SASTATE_DYING:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	237	// Either of these states means that SA is usable,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	238	// The previous state makes no difference.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	239	// In case of READY, should probably check all other
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	240	// required SA's, and not try to wakeup the flow
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	241	// until ALL of them are available. -- msa
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	242	if (assoc.iState != KErrNone && assoc.iItem && assoc.iItem->iOptional)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	243	assoc.iFlow.SetChanged(); // When optional SA becomes available, "recompute" flow!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	244	assoc.iFlow.SetStatus(EFlow_READY);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	245	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	246	case SADB_SASTATE_DEAD:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	247	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	248	// The SA is dead. Now it depends on the previous state
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	249	// whether a new SA negotiation should be started or if
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	250	// the flow should be shut down.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	251	if (assoc.iState == EFlow_PENDING)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	252	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	253	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	254	// Flow was waiting for negotiation, which expired
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	255	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	256	/* here the error value passed by the kmd server
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	257	* will be passed to the tcp/ip stack. This error
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	258	* value was set in the RSecurityAssociation class.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	259	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	260	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	261	TInt errorValue = assoc.ReadErr();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	262	if(errorValue==EIpsec_Ok)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	263	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	264	errorValue = EIpsec_AcquireFailed;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	265	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	266	assoc.iFlow.SetStatus(errorValue);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	267	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	268	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	269	// SA was not a LARVAL SA. This means that a real SA
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	270	// has just expired or been deleted for some reason,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	271	// the flow just needs to acquire a new SA.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	272	// FALL THROUGH
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	273	default:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	274	// SA not available, but may be acquired, set/keep
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	275	// the flow in pending state (a ReadyL call later
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	276	// will activate the acquire, if needed).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	277	assoc.iFlow.SetStatus(EFlow_PENDING);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	278	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	279	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	280	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	281
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	282
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	283	class TIpsecFragmentData
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	284	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	285	* The state information for single IPsec transfor.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	286	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	287	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	288	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	289	RSecurityAssociation iSA; //< The IPsec SA that was used
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	290	TIpAddress iTunnel; //< The outer Tunnel End Point (src).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	291	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	292
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	293	class CIpsecFragmentInfo : public CBase
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	294	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	295	* The IPsec fragment tracking.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	296	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	297	* When IPsec has been applied to tunneled fragments, it must
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	298	* be guaranteed that all fragments are correctly protected
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	299	* as required by the policy. However, the realy policy
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	300	* requirement is only known after the final fragment has
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	301	* arrived and when the full packet is available.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	302	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	303	* This structure keeps track of applied IPsec for a
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	304	* packet being assembled.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	305	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	306	* This is variable sized object, and the tail end
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	307	* is an array of state info:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	308	* @code TIpsecFragmentData[iCount]
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	309	* @endcode
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	310	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	311	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	312	private:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	313	CIpsecFragmentInfo(TUint aCount) : iCount(aCount) {}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	314	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	315	static CIpsecFragmentInfo *New(TUint aCount);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	316	inline TIpsecFragmentData & operator[](TInt aIndex) const;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	317	~CIpsecFragmentInfo();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	318
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	319	CIpsecFragmentInfo *iNext; //< The link to next info block.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	320
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	321	// Id + src + dst identify the fragment.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	322
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	323	TUint32 iId; //< The fragment ID
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	324	TIpAddress iSrc; //< The (inner) source address
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	325	TIpAddress iDst; //< The (inner) destination address
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	326
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	327	// The applied IPsec
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	328	const TUint iCount; //< The number of TIpsecFragmentData that follow after this.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	329
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	330	// Followed by array of TIpsecFragmentData[iCount]
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	331	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	332
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	333	class CProtocolSecpol : public CProtocolPosthook, public MSecurityPolicyManager, MEventListener
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	334	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	335	* Security Policy component of the IPsec.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	336	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	337	* This protocol handles the Security Policy Database and also acts as a
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	338	* hook for the IP layer.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	339	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	340	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	341	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	342	// ESOCK Protocol Basics
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	343	CProtocolSecpol();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	344	~CProtocolSecpol();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	345	void BindToL(CProtocolBase *protocol);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	346	void Identify(TServerProtocolDesc *) const;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	347	CServProviderBase* NewSAPL(TUint aSockType);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	348
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	349	// for CProtocolIpsec (inbound transforms)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	350	TInt TransformL(RMBufHookPacket &aPacket, RMBufRecvInfo &aInfo);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	351
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	352	// Hook methods (inbound direction)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	353	TInt ApplyL(RMBufHookPacket &aPacket, RMBufRecvInfo &aInfo);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	354
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	355	// Hook methods (outbound direction)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	356	MFlowHook OpenL(TPacketHead &aHead, CFlowContext aFlow);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	357
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	358	// MEventListener
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	359	void Notify(TUint aEventClass, TUint aEventType, const void *aData);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	360
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	361	private:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	362	TUint32 GetInterfaceIndex(const TDesC &aName);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	363	TBool UpdateInterfaceIndex(const TDesC &aName, TUint32 aIndex);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	364	void FixupInterfaceIndexes(CSecurityPolicy *aPolicy);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	365
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	366	// Security Policy Management section
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	367	inline CSecurityPolicy *Policy() const { return iPolicy; }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	368	TInt SetPolicy(const TDesC &aPolicy, TUint &aOffset);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	369
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	370	void Deliver(RMBufPacketBase& aPacket);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	371	void NetworkAttachedL();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	372	void NetworkDetached();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	373	void InterfaceAttached(const TDesC &aName, CNifIfBase *aIf);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	374
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	375	TInt SelectSource(const RIpAddress &aDst, RIpAddress &aSrc) const;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	376	TInt CollectBundle(TPolicyFilterInfo &aFilter, RPolicySelectorInfo &aKey, const TInt aMaxItems,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	377	CPolicyAction *aItems, RIpAddress aSrc, TInt &aTunnels) const;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	378	void UpdateTunnelInterface(RMBufRecvInfo &aInfo, const CSecurityAssoc const aSa) /const*/;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	379	void CheckPacketId(RMBufHookPacket &aPacket);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	380	TInt CheckFragmentPolicy();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	381
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	382	void CheckExceptionSelector(TBool &aException_flag) const; //To support UMA
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	383	void CheckFeatureSupportL(TUid aFeature); //To check a Feature is enabled or not
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	384
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	385	MAssociationManager *iAssociationManager;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	386	CProtocolIpsec *iProtocolIpsec;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	387	MEventService *iEventService;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	388	CSecurityPolicy* iPolicy;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	389	TDblQue<CProviderSecpol> iSAPlist;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	390	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	391	// The working space for incoming packet processing
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	392	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	393	TInt8 iCountSA; //< Number of slots used from the arrays below
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	394	TUint iIsFragment:1; //< Current packet is a fragment.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	395	TUint iIsTunnelMode:1; //< The last transform was in tunnel mode.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	396	TUint32 iPacketId; //< Id of the current packet.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	397	TUint32 iId; //< The fragment id.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	398	TIpAddress iSrc; //< The currently effective src address of incoming packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	399	TIpAddress iDst; //< The currently effective dst address of incoming packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	400	RPolicySelectorInfo iPktInfo; //< Incoming packet info
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	401	RSecurityAssociation iSA[KIpsecMaxNesting]; //< Used Security associations.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	402	RIpAddress iTunnel[KIpsecMaxNesting]; //< Related tunnel addresses (outer source)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	403	RIpAddress iMyself[KIpsecMaxNesting]; //< Related destination adresses (outer).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	404	// List of incomplete fragmented packets.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	405	CIpsecFragmentInfo *iFrags; //< Unfinished fragments.
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	406	TBool iIPSecGANSupported; //To check whether FF_IPSEC_UMA_SUPPORT_ENABLE is defined and UMA supported
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	407
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	408	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	409
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	410	void IPSEC::IdentifySecpol(TServerProtocolDesc &aEntry)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	411	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	412	* Return IPsec protocol description.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	413	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	414	* @retval aEntry The protocol description.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	415	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	416	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	417	_LIT(KSecpol, "secpol6");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	418
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	419	aEntry.iName = KSecpol;;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	420	aEntry.iAddrFamily = KAfIpsec;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	421	aEntry.iSockType = KSockRaw;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	422	aEntry.iProtocol = KProtocolSecpol;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	423	aEntry.iVersion = TVersion(1, 0, 0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	424	aEntry.iByteOrder = ELittleEndian;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	425	aEntry.iServiceInfo = KSIConnectionLess \| KSIMessageBased \| KSIBroadcast;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	426	aEntry.iNamingServices = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	427	aEntry.iSecurity = KSocketNoSecurity;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	428	aEntry.iMessageSize = 0xffff;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	429	aEntry.iServiceTypeInfo= ESocketSupport \| ENeedMBufs;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	430	aEntry.iNumSockets = KUnlimitedSockets;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	431	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	432
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	433	CProtocolBase *IPSEC::NewSecpolL()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	434	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	435	* Create a new SECPOL protocol instance.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	436	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	437	* @return The Secpol
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	438	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	439	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	440	return new (ELeave) CProtocolSecpol();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	441	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	442
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	443	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	444
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	445	static void NoCallback(RSecurityAssociation &)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	446	/** Dummy do nothing callback */
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	447	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	448	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	449
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	450
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	451	// CIpsecFragmentInfo
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	452	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	453
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	454	inline TIpsecFragmentData & CIpsecFragmentInfo::operator[](TInt aIndex) const
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	455	/*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	456	* Return Nth fragment info.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	457	* @param aIndex The N value.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	458	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	459	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	460	ASSERT((TUint)aIndex < iCount);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	461	return ((TIpsecFragmentData )((char )this + sizeof(*this)))[aIndex];
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	462	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	463
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	464	CIpsecFragmentInfo *CIpsecFragmentInfo::New(TUint aCount)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	465	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	466	* Create a new fragment info.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	467	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	468	* @param aCount The number of TIpsecFragmentData
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	469	* @return Fragment info block.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	470	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	471	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	472	CIpsecFragmentInfo f = new (aCount sizeof(TIpsecFragmentData)) CIpsecFragmentInfo(aCount);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	473	if (f)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	474	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	475	for (TInt i = 0; i < f->iCount; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	476	(*f)[i].iSA.Init(NoCallback);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	477	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	478	return f;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	479	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	480
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	481	CIpsecFragmentInfo::~CIpsecFragmentInfo()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	482	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	483	* Desctructor.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	484	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	485	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	486	// Detach the security associations, if any
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	487	for (TInt i = 0; i < iCount; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	488	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	489	(*this)[i].iSA.None();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	490	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	491	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	492
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	493	class CProtocolIpsec : public CIp6Hook
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	494	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	495	* Internal protocol for ESP, AH, etc.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	496	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	497	* Internal instance which gets to handle the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	498	* specific protocols AH, ESP and UPD for inbound
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	499	* packets.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	500	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	501	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	502	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	503	CProtocolIpsec(CProtocolSecpol &aSecpol) : iSecpol(aSecpol)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	504	{};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	505	~CProtocolIpsec();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	506	void Identify(TServerProtocolDesc *aEntry) const
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	507	{ IPSEC::IdentifySecpol(*aEntry); }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	508	TInt ApplyL(RMBufHookPacket &aPacket, RMBufRecvInfo &aInfo)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	509	{ return iSecpol.TransformL(aPacket, aInfo); }
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	510	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	511	* The "master" parent.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	512	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	513	* This "protocol" has no modifiable members, it borrows
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	514	* everything from the parent CProtocolSecpol.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	515	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	516	CProtocolSecpol &iSecpol;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	517	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	518
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	519	CProtocolIpsec::~CProtocolIpsec()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	520	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	521	* Destructor.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	522	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	523	* Cancel all binds with the network using CProtocolInet6Binder::Unbind(),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	524	* if the network is still attached
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	525	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	526	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	527	if (iSecpol.NetworkService())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	528	iSecpol.NetworkService()->Protocol()->Unbind(this, 0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	529	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	530
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	531	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	532
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	533	#ifdef _LOG
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	534
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	535	static TInt MaskLength(TUint32 aAddr)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	536	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	537	* Return count of contiguous most significant 1-bits in TUint32
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	538	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	539	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	540	TInt count = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	541	// obviously, this is "brute force" counting
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	542	while (aAddr & 0x80000000)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	543	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	544	count++;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	545	aAddr <<= 1;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	546	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	547	return count;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	548	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	549
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	550	static TInt MaskLength(const TIp6Addr &aAddr)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	551	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	552	* Return count of contiguous most significant 1-bits in IPv6 address.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	553	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	554	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	555	TInt count = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	556	for (TUint i = 0; i < sizeof(aAddr.u.iAddr8) / sizeof(aAddr.u.iAddr8[0]); ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	557	if (aAddr.u.iAddr8[i] == 0xFF)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	558	count += 8;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	559	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	560	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	561	count += MaskLength(aAddr.u.iAddr8[i] << 24);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	562	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	563	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	564	return count;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	565	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	566
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	567	class TAddressBuf : public TBuf<70>
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	568	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	569	public:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	570	TAddressBuf(const TIpAddress &aAddr, TUint16 aPort = 0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	571	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	572
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	573	TAddressBuf::TAddressBuf(const TIpAddress &aAddr, TUint16 aPort)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	574	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	575	TInetAddr addr(aAddr, 0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	576	addr.SetScope(aAddr.iScope);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	577	addr.OutputWithScope(*this);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	578	if (aPort)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	579	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	580	_LIT(KFormat, "#%u");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	581	AppendFormat(KFormat, (TInt)aPort);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	582	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	583	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	584
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	585	static void LogSelectorInfo(const TDesC &aStr, const RPolicySelectorInfo &aSelector, const TPolicyFilterInfo &aFilter)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	586	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	587	_LIT(KIn, "inbound ");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	588	_LIT(KOut, "outbound ");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	589	_LIT(KBoth, "");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	590
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	591	TAddressBuf local(aSelector.iLocal(), (aSelector.iFlags & KTransportSelector_PORTS) == 0 ? 0 : aSelector.iPortLocal);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	592	TAddressBuf remote(aSelector.iRemote(), aSelector.iPortRemote);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	593
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	594	const TUint mode = aFilter.iFlags & KPolicyFilter_SYMMETRIC;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	595
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	596	_LIT(KPorts, "%S%Sif=%d local=%S remote=%S prot=%d");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	597	_LIT(KTypeCode, "%S%Sif=%d local=%S remote=%S prot=%d type=%d code=%d");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	598
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	599	Log::Printf((aSelector.iFlags & KTransportSelector_PORTS) == 0 ? KTypeCode() : KPorts(),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	600	&aStr,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	601	mode == KPolicyFilter_INBOUND ? &KIn() : mode == KPolicyFilter_OUTBOUND ? &KOut() : &KBoth(),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	602	(TInt)aFilter.iIndex,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	603	&local, &remote,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	604	(TInt)aSelector.iProtocol,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	605	(TInt)((aSelector.iPortLocal >> 8) & 0xFF),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	606	(TInt)(aSelector.iPortLocal & 0xFF));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	607	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	608
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	609	static void LogBundleItem(const TDesC &aStr, const CPolicyAction &aItem, const CSecurityAssoc *aSA = NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	610	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	611	_LIT(KTunnel, "tunnel");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	612	_LIT(KOptional, "?");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	613	_LIT(KObligatory, "");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	614
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	615	TBuf<15> spi;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	616	if (aSA)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	617	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	618	spi.Format(_L(" spi %u"), ByteOrder::Swap32(aSA->SPI()));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	619	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	620	TAddressBuf tmp(aItem.iTunnel());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	621	Log::Printf(_L("%S%S%S(%S)%S"),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	622	&aStr,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	623	aItem.iOptional ? &KOptional : &KObligatory,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	624	aItem.iSpec == NULL ? &KTunnel : aItem.iSpec->iName,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	625	&tmp,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	626	&spi);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	627	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	628
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	629	static void LogAddressSelector(TDes &aBuf, const TDesC &aLabel, const TIpAddress &aAddr, const TIpAddress &aMask)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	630	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	631	if (!aMask.IsUnspecified() \|\| aMask.iScope)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	632	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	633	TBuf<70> str;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	634	TInetAddr addr(aAddr, 0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	635	addr.SetScope(aAddr.iScope);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	636	addr.Output(str);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	637	aBuf.AppendFormat(_L("%S%S "), &aLabel, &str);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	638	const TInt mlen = MaskLength(aMask);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	639	if (mlen < 128)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	640	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	641	// Non-trivial mask, output it.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	642	TInetAddr msk(aMask, 0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	643	if (aAddr.IsV4Mapped() && mlen >= 64)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	644	msk.SetAddress(BigEndian::Get32(&aMask.u.iAddr8[12]));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	645	msk.Output(str);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	646	aBuf.AppendFormat(_L(" mask=%S "), &str);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	647	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	648	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	649	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	650
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	651	static void LogPolicySelector(const TDesC &aStr, const CPolicySelector &aPS)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	652	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	653	// The following code assumes that partial masks (not covering the full field) are
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	654	// only possible for address fields. For others, the non-zero mask is assumed to be
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	655	// all-ones.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	656	TBuf<200> buf(aStr);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	657	if (aPS.iFilterData & KPolicyFilter_FINAL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	658	buf.Append(_L("final "));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	659	if ((aPS.iFilterMask & KPolicyFilter_MERGE) == 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	660	buf.Append(_L("merge "));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	661	switch (aPS.iFilterData & KPolicyFilter_SYMMETRIC)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	662	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	663	case KPolicyFilter_INBOUND:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	664	buf.Append(_L("inbound "));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	665	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	666	case KPolicyFilter_OUTBOUND:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	667	buf.Append(_L("outbound "));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	668	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	669	default:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	670	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	671	}
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	672	//UMA support REQ417-40027
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	673	switch (aPS.iFilterData & KPolicyFilter_Exception)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	674	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	675	case KPolicyFilter_Exception:
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	676	buf.Append(_L("UMAExceptionTrafficSelector"));
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	677	break;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	678
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	679	default:
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	680	break;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	681	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	682
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	683	if (aPS.iInterface)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	684	buf.AppendFormat(_L("if=%d "), aPS.iInterface->iInterfaceIndex);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	685	for (CTransportSelector *ts = aPS.iTS; ts != NULL; ts = ts->iOr)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	686	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	687	LogAddressSelector(buf, _L("remote="), ts->iData.iRemote(), ts->iMask.iRemote());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	688	LogAddressSelector(buf, _L("local="), ts->iData.iLocal(), ts->iMask.iLocal());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	689	if (ts->iData.iFlags & KTransportSelector_PORTS)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	690	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	691	if (ts->iMask.iPortLocal)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	692	buf.AppendFormat(_L("local_port=%u "), ts->iData.iPortLocal);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	693	if (ts->iMask.iPortRemote)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	694	buf.AppendFormat(_L("remote_port=%u "), ts->iData.iPortRemote);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	695	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	696	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	697	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	698	if (ts->iMask.iPortLocal & 0xFF00)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	699	buf.AppendFormat(_L("type=%u "), ts->iData.iPortLocal >> 8);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	700	if (ts->iMask.iPortLocal & 0x00FF)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	701	buf.AppendFormat(_L("code=%u"), ts->iData.iPortLocal & 0xFF);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	702	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	703	Log::Write(buf);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	704	buf = _L("\t\t\| ");
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	705	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	706	Log::Write(buf);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	707	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	708
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	709	#endif
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	710
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	711	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	712
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	713
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	714	CProtocolSecpol::CProtocolSecpol()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	715	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	716	* Constructor.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	717	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	718	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	719	iSAPlist.SetOffset(_FOFF(CProviderSecpol,iSAPlink));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	720
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	721	// The inbound associations don't need any special processing
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	722	// for SA status changes. Just put dummy callback routine in.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	723	for (TInt i = KIpsecMaxNesting; --i >= 0; )
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	724	iSA[i].Init(NoCallback);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	725	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	726
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	727	CProtocolSecpol::~CProtocolSecpol()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	728	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	729	* Destructor.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	730	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	731	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	732	// Deregister event notifications, if still active
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	733	if (iEventService)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	734	iEventService->RemoveListener(this);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	735
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	736	// Detach all linked assocations, if any left
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	737	for (TInt i = KIpsecMaxNesting; --i >= 0; )
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	738	iSA[i].None();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	739
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	740	delete iPolicy;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	741	iPolicy = NULL;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	742
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	743	delete iProtocolIpsec;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	744
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	745	// Cleanup the fragment information
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	746	while (iFrags)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	747	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	748	CIpsecFragmentInfo *tmp = iFrags;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	749	iFrags = iFrags->iNext;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	750	delete tmp;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	751	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	752
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	753	if (iAssociationManager)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	754	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	755	iAssociationManager->Close();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	756	iAssociationManager = NULL;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	757	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	758
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	759	if (NetworkService())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	760	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	761	// The IPsec is going away, all flows need to be
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	762	// re-connected...
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	763	NetworkService()->SetChanged();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	764	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	765
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	766	// If assumptions are correct, iSAPlist should be empty!!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	767	ASSERT(iSAPlist.IsEmpty());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	768	#if __WINS__
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	769	LOG(Log::Printf(_L("CProtocolSecpol::~CProtocolSecpol() done IPSEC_OBJECT_COUNT=%d"), IPSEC_OBJECT_COUNT));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	770	#endif
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	771	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	772
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	773	void CProtocolSecpol::Identify(TServerProtocolDesc *aInfo) const
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	774	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	775	* @retval aInfo A minimal TServerProtocolDesc to satisfy the Socket server.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	776	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	777	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	778	IPSEC::IdentifySecpol(*aInfo);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	779	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	780
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	781	TUint32 CProtocolSecpol::GetInterfaceIndex(const TDesC &aName)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	782	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	783	* Find interface index by interface name.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	784	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	785	* Query the interface index from the network layer. The query uses
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	786	* @code
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	787	* MInterfaceManager::GetOption(KSolInetIfQuery, KSoInetIfQueryByName, opt),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	788	* @endcode
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	789	* where the opt is TSoInetIfQuery.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	790	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	791	* @param aName The interface name
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	792	* @return The interface index (= 0, if not found)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	793	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	794	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	795	MInterfaceManager *const mgr = NetworkService()->Interfacer();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	796	TPckgBuf<TSoInetIfQuery> opt;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	797	opt().iName = aName;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	798	opt().iIndex = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	799	// Ignore GetOption error. If interface does not exist yet,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	800	// this returns ZERO.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	801	(void)mgr->GetOption(KSolInetIfQuery, KSoInetIfQueryByName, opt);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	802	return opt().iIndex;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	803	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	804
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	805	TBool CProtocolSecpol::UpdateInterfaceIndex(const TDesC &aName, TUint32 aIndex)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	806	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	807	* Update interface index in the cached interface in the SPD.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	808	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	809	* @param aName The interface name
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	810	* @param aIndex The interface index.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	811	* @return ETrue, if name exists, and EFalse otherwise.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	812	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	813	* The CSelectorInterface contains a cached interface in CSecurityPolicy.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	814	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	815	* If the aIndex == 0, then ask the interface index (GetInterfaceIndex())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	816	* from the network service.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	817	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	818	* If the aIndex > 0, assume it is correct for the named interface
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	819	* (not verified).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	820	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	821	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	822	if (iPolicy == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	823	return EFalse;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	824	for (CSelectorInterface *si = iPolicy->iInterfaces; si != NULL; si = si->iNext)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	825	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	826	if (aName.Compare(*si->iName) == 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	827	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	828	if (aIndex != 0 \|\| (aIndex = GetInterfaceIndex(aName)) != 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	829	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	830	LOG(Log::Printf(_L("<>\tipsec Interface Index Update IF [%S] index %d -> %d"),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	831	&aName, si->iInterfaceIndex, aIndex));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	832	si->iInterfaceIndex = aIndex;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	833	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	834	// The name was located!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	835	return ETrue;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	836	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	837	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	838	// The name not located.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	839	return EFalse;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	840	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	841
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	842
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	843	// CProtocolSecpol::InterfaceAttached
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	844	// **********************************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	845	void CProtocolSecpol::InterfaceAttached(const TDesC &aName, CNifIfBase *)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	846	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	847	* Interface has attached to the network layer.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	848	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	849	* This exists only because the interface create/destroy does not
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	850	* currently generate events. And, this event only occurs when a
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	851	* real NIF attached.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	852	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	853	* The IPsec will not know if someone creates a "virtual" interface
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	854	* and does not specify any addresses, or otherwise modify it.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	855	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	856	* At this point the interface index is not known, use the UpdateInterfaceIndex()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	857	* without specified index (aIndex = 0), and it will query the index, if this
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	858	* interface is referenced in the current policy.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	859	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	860	* @param aName The interface name
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	861	* @param aIf Not used.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	862	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	863	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	864	(void)UpdateInterfaceIndex(aName, 0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	865	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	866
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	867
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	868	// CProtocolSecpol::Notify
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	869	// ***********************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	870	void CProtocolSecpol::Notify(TUint aEventClass, TUint aEventType, const void *aData)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	871	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	872	(void)aEventType; // (just silence warning for release compilation)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	873	if (aEventClass != EClassInterface)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	874	return;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	875
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	876	const TInetInterfaceInfo &ii = (TInetInterfaceInfo )aData;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	877
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	878	if (UpdateInterfaceIndex(ii.iName, ii.iIndex))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	879	return;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	880	LOG(Log::Printf(_L("<>\tipsec Interface Event(%d) IF [%S] index %d not used in policy"),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	881	aEventType, &ii.iName, ii.iIndex));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	882	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	883
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	884
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	885	// *********************************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	886	// CProtocolSecpol::NetworkAttachedL
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	887	// *********************************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	888	// Do the bindings to the IP layer
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	889	void CProtocolSecpol::NetworkAttachedL()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	890	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	891	* The bind to TCP/IP stack has been processed.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	892	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	893	* The TCP/IP stack (MNetworkService) is now available and IPSEC can
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	894	* add the required hooks to it and do other initializations.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	895	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	896	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	897	// If policy is loaded, need to redo the interfaces
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	898	// (network may have been down, and indexes changed)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	899	if (iPolicy)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	900	FixupInterfaceIndexes(iPolicy);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	901
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	902	// Create inbound internal protocol only when really needed.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	903	if (iProtocolIpsec == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	904	iProtocolIpsec = new (ELeave) CProtocolIpsec(*this);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	905
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	906	NetworkService()->BindL(iProtocolIpsec, BindHookFor(KProtocolInetAh));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	907	NetworkService()->BindL(iProtocolIpsec, BindHookFor(KProtocolInetEsp));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	908	NetworkService()->BindL(iProtocolIpsec, BindHookFor(KProtocolInetUdp));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	909
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	910	NetworkService()->BindL(this, BindHookAll()); // All inbound packets
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	911	NetworkService()->BindL(this, BindFlowHook(1)); // All outbound packets
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	912
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	913	// To handle tunneled fragments within IPSEC, need to catch the IPv6
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	914	// Fragment Header and IPv4-in-IP headers
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	915	NetworkService()->BindL(iProtocolIpsec, BindHookFor(KProtocolInet6Fragment));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	916	NetworkService()->BindL(iProtocolIpsec, BindHookFor(KProtocolInetIpip));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	917
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	918	iEventService = IMPORT_API_L(NetworkService()->Interfacer(), MEventService);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	919	iEventService->RegisterListener(this, EClassInterface);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	920	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	921
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	922	// ********************************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	923	// CProtocolSecpol::NetworkDetached
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	924	// ********************************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	925	void CProtocolSecpol::NetworkDetached()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	926	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	927	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	928	* The biding to TCP/IP is being cut.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	929	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	930	* Do only the internal housekeeping. The calling CProtocolPostHook code
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	931	* does all the necessary protocol Unbinding from the network, this does
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	932	* not need Unbind explicitly any of the bindings done in NetworkAttachedL.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	933	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	934	ASSERT(iEventService != NULL);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	935
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	936	iEventService->RemoveListener(this);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	937	iEventService = NULL;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	938	delete iProtocolIpsec;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	939	iProtocolIpsec = NULL;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	940	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	941
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	942	// ************************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	943	// CProtocolSecpol::BindToL
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	944	// ************************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	945	void CProtocolSecpol::BindToL(CProtocolBase *aProtocol)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	946	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	947	* Bind Secpol protocol to other protocols.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	948	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	949	* This calls comes from the socket server, when it processed the "bindto/bindfrom" directives
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	950	* of the ESK files: "[secpol] bindto= ip6,pfkey". The secpol only accepts protocols
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	951	* KProtocolInet6Ip and KProtocolKey. Trying to bind anything else will result an error leave.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	952	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	953	* The base class CProtocolPostHook::DoBindToL handles the KProtoclInet6Ip (network) binding
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	954	* and calls NetworkAttachedL method, it that happens.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	955	* This code only needs to recognize the PFKEY (KProtocolKey) binding. The PFKEY provides
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	956	* MAssociationManager.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	957	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	958	* @param aProtocol The target protocol to bind to.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	959	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	960	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	961	const TUint id = (TUint)DoBindToL(aProtocol);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	962	if (iAssociationManager == NULL && (iAssociationManager = IPSEC::FindAssociationManager(aProtocol, id)) != NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	963	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	964	iAssociationManager->Open();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	965	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	966	else if (id)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	967	User::Leave(KErrGeneral);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	968	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	969
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	970	// **********
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	971	// CIpsecHook
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	972	// **********
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	973	CIpsecHook::CIpsecHook(
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	974	MAssociationManager &aMgr,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	975	CFlowContext &aFlow,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	976	const RPolicySelectorInfo &aInfo,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	977	const TInt aCount,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	978	const TInt aTunnels) :
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	979	iMgr(aMgr), iFlow(aFlow), iInfo(aInfo), iCount((TUint8)aCount), iTunnels((TUint8)aTunnels)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	980	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	981	iMgr.Open(); // Association manager needs exist while this CIpsecHook exists.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	982	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	983
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	984	// ***********************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	985	// CIpsecHook::~CIpsecHook
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	986	// ***********************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	987	CIpsecHook::~CIpsecHook()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	988	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	989	// Detach associated Security Assocations
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	990	for (TInt i = 0; i < iCount; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	991	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	992	RHookSA &h = Assoc(i);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	993	h.None();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	994	h.iItem->Close();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	995	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	996
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	997	// Close tunnel src address endpoints
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	998	for (TInt j = 0; j < iTunnels; ++j)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	999	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1000	RIpAddress &addr = Tunnel(j);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1001	addr.Close();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1002	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1003
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1004	#ifdef IPSEC_OBJECT_TRACKING
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1005	// Close the remote/local RIpAddress (not really
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1006	// necessary, but automatic destructors are run
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1007	// so late that object counting debug would cause
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1008	// spurious panic...
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1009	iInfo.iRemote.Close();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1010	iInfo.iLocal.Close();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1011	#endif
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1012
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1013	iMgr.Close(); // Release the association manager
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1014	LOG(Log::Printf(_L("\tMFlowHook[%u] destruct"), (TUint)this));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1015	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1016
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1017	// ****************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1018	// CIpsecHook::NewL
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1019	// ****************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1020	CIpsecHook *CIpsecHook::NewL
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1021	(MAssociationManager &aMgr,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1022	CFlowContext &aFlow,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1023	const RPolicySelectorInfo &aInfo,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1024	TInt aCount, CPolicyAction **aItems,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1025	TInt aTunnels, const RIpAddress *aSrc)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1026	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1027	* Create a new IPSEC hook handle object.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1028	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1029	* Allocating space only as much as is absolutely necessary.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1030	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1031	* @param aMgr The association manager
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1032	* @param aFlow The flow context
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1033	* @param aInfo The policy selector information
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1034	* @param aCount The number of transforms (includes plain tunnels)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1035	* @param aItems The transforms (aCount)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1036	* @param aTunnels The number of tunnels within transforms
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1037	* @param aSrc The tunnel source addresses
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1038	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1039	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1040	const TInt extra = aCount * sizeof(RHookSA) + aTunnels * sizeof(RIpAddress);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1041
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1042	CIpsecHook *const handle = new (extra) CIpsecHook(aMgr, aFlow, aInfo, aCount, aTunnels);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1043	if (handle == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1044	User::Leave(KErrNoMemory);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1045
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1046	// Initialize RAssociation Hooks
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1047	for (TInt i = 0; i < aCount; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1048	(void)new (&handle->Assoc(i)) RHookSA(aFlow, aItems[i]);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1049
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1050	// Initialize tunnel srsc addresses
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1051	for (TInt j = 0; j < aTunnels; ++j)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1052	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1053	(void)new (&handle->Tunnel(j)) RIpAddress(aSrc[j]);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1054	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1055	return handle;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1056	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1057
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1058	TInt CProtocolSecpol::SelectSource(const RIpAddress &aDst, RIpAddress &aSrc) const
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1059	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1060	* Select the source address for a destination.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1061	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1062	* @param aDst The destination address
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1063	* @retval aSrc The selected source address
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1064	* @return KErrNone
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1065	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1066	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1067	TIp6Addr src;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1068	if (NetworkService()->Interfacer()->CheckRoute(aDst(), aDst().iScope, src) != KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1069	return EIpsec_NoInnerSource; // Could not find the src addres!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1070	// ARGHH! Checkroute does not return the source scope id...
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1071	// NEED to fetch some value by uncertain methods..
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1072	TUint32 scope = NetworkService()->Interfacer()->LocalScope(src, aDst().iScope, (TScopeType)(aDst().Scope()-1));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1073	aSrc.Set(src, scope);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1074	return KErrNone;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1075	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1076
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1077
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1078	static void AfterTunnelAction(RPolicySelectorInfo &aInfo)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1079	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1080	* Change policy selector to match state after applied tunnel.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1081	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1082	* - ports = 0
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1083	* - protocol #KProtocolInetIpip or #KProtocolInet6Ipip
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1084	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1085	* Internal help function. Assume iLocal/iRemote have already
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1086	* been updated, if required.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1087	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1088	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1089	aInfo.iPortLocal = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1090	aInfo.iPortRemote = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1091	aInfo.iFlags &= ~KTransportSelector_PORTS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1092	aInfo.iProtocol = aInfo.iRemote().IsV4Mapped() ? KProtocolInetIpip : KProtocolInet6Ipip;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1093	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1094
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1095	TInt CProtocolSecpol::CollectBundle(TPolicyFilterInfo &aFilter, RPolicySelectorInfo &aKey, const TInt aMaxItems,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1096	CPolicyAction *aItems , RIpAddress aSrc, TInt &aTunnels) const
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1097	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1098	* Match the packet against the policy selectors and collect the IPsec actions.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1099	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1100	* The function may modify the aFilter and aKey parameters.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1101	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1102	* @retval aFilter The filter
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1103	* @retval aKey The packet information
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1104	* @param aMaxItems Max limit for actions.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1105	* @retval aItems The collected actions.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1106	* @retval aSrc The current source address.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1107	* @retval aTunnels The number of tunnels.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1108	* @return
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1109	* @li >= 0. The number of actions.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1110	* @li EIpsec_NoSelectorMatch, packet does not match policy
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1111	* @li EIpsec_MaxTransforms, too many actions triggered.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1112	* @li EIpsec_NoInnerSource, cannot select tunnel source (error is now misnamed).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1113	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1114	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1115	TInt result = EIpsec_NoSelectorMatch;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1116	aTunnels = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1117	TInt i = 0;
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1118
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1119	//UMA support REQ417-40027
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1120	TBool exception_flag = EFalse;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1121	TBool exception_drop_flag = EFalse;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1122
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1123
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1124	if (iIPSecGANSupported)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1125	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1126	//Check for exception selector being loaded or not. This is required for Drop mode policy
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1127	//If policy is set as
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1128	// inbound = drop
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1129	// outbound = drop
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1130	// then instead returning Excetion selectors should be checked.
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1131	CheckExceptionSelector(exception_flag);
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1132	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1133
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1134
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1135	for (CPolicySelector *ps = iPolicy->iSelectors; ps != NULL; ps = ps->iNext)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1136	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1137	// 1. Check filtering
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1138	if (((aFilter.iFlags ^ ps->iFilterData) & ps->iFilterMask) \|\|
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1139	(ps->iInterface && ps->iInterface->iInterfaceIndex != aFilter.iIndex))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1140	continue; // -- this selector filtered out, try next.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1141	// 2. check transport selectors (empty TS matches all)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1142	if (ps->iTS == NULL \|\| ps->iTS->Match(aKey))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1143	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1144	if (ps->iFilterData & KPolicyFilter_DROP)
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1145	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1146	// UMA support REQ 417-40027
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1147	if (iIPSecGANSupported && exception_flag)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1148	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1149	//Work around for Exceptions
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1150	exception_drop_flag = ETrue;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1151	break;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1152	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1153
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1154	return EIpsec_NoSelectorMatch;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1155	}
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1156
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1157	const TInt N = ps->iActions.Count();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1158	for (TInt k = 0; k < N; k++)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1159	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1160	CPolicyAction *const action = ps->iActions[k];
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1161	if (action == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1162	continue;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1163	if (i == aMaxItems)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1164	return EIpsec_MaxTransforms;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1165	aItems[i++] = action;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1166	if (!action->iTunnel().IsNone())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1167	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1168	// After tunneling, any futher matching is based on the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1169	// selectors of a tunnel (addresses only, no ports)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1170	aFilter.iFlags \|= KPolicyFilter_TUNNEL;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1171	if (!KOuterIsInner.IsEqual(action->iTunnel()))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1172	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1173	aKey.iRemote = action->iTunnel;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1174	if (SelectSource(aKey.iRemote, aKey.iLocal) != KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1175	return EIpsec_NoInnerSource;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1176	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1177	AfterTunnelAction(aKey);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1178	// Return list of source addresses, if the target array is supplied
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1179	if (aSrc)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1180	aSrc[aTunnels] = aKey.iLocal;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1181	aTunnels++;
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1182	}//if action
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1183	}//for
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1184	//UMA support REQ417-40027
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1185	if(iIPSecGANSupported)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1186	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1187	if(!exception_drop_flag)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1188	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1189	//Check if drop mode is set with exception selectors...out from this result loop
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1190	//and jump onto Expection selector handling.
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1191	result = i;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1192	if (ps->iFilterData & KPolicyFilter_FINAL)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1193	break; // Final selector, no merge allowed!
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1194	aFilter.iFlags \|= KPolicyFilter_MERGE; // Mark "merge only".
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1195	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1196	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1197	else
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1198	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1199	result = i;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1200	if (ps->iFilterData & KPolicyFilter_FINAL)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1201	break; // Final selector, no merge allowed!
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1202	aFilter.iFlags \|= KPolicyFilter_MERGE; // Mark "merge only".
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1203	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1204	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1205	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1206	if (iIPSecGANSupported)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1207	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1208	if (result == EIpsec_NoSelectorMatch && exception_flag)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1209	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1210	// No selector matches above. Check for Exception selector
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1211	for (CPolicySelector *ps = iPolicy->iSelectors; ps != NULL; ps = ps->iNext)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1212	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1213	if(((ps->iFilterData & KPolicyFilter_Exception) != KPolicyFilter_Exception))
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1214	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1215	//Skip till Exception selector is loaded
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1216	continue;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1217	}//if
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1218	else
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1219	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1220	if (ps->iInterface && ps->iInterface->iInterfaceIndex != aFilter.iIndex)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1221	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1222	continue; ////Sanity Check;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1223	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1224	if(aFilter.iFlags & KPolicyFilter_OUTBOUND )
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1225	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1226	//Check for Scopes for packet going out. Scope should be the tunnel end networkID configured for Tunnel need Exception
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1227	TIpAddress iAddr = aKey.iLocal();
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1228	TInt scope = iAddr.iScope;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1229	if(scope == ps->iScope_Exception)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1230	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1231	LOG(Log::Printf(_L("Exception outbound- \n exception scope = %d\n, packet scope = %d\n"), ps->iScope_Exception, scope));
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1232	result = NULL;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1233	break;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1234	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1235	}//outbound filter
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1236	if(aFilter.iFlags & KPolicyFilter_INBOUND)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1237	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1238	//TODO comments
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1239	TIpAddress iAddr = aKey.iRemote();
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1240	TInt scope = iAddr.iScope;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1241	if(scope== ps->iScope_Exception)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1242	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1243	LOG(Log::Printf(_L("Exception inbound- \n exception scope = %d\n ,packet scope = %d\n"), ps->iScope_Exception, scope));
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1244	result = NULL;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1245	break;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1246	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1247	}//INBOUND
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1248	}//else
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1249	}//for
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1250	}//exception CHECK
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1251	}///if (iIPSecGANSupported)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1252	return result;
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1253	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1254
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1255
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1256
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1257	MFlowHook CProtocolSecpol::OpenL(TPacketHead &aHead, CFlowContext aFlow)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1258	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1259	* Attach IPsec processing to a flow (if needed).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1260	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1261	* OpenL is called once when the flow is opened. It should decide
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1262	* whether further calls are necessary (ReadyL/ApplyL) for this flow.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1263	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1264	* When called, the IPsec selector information is in TPacketHead.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1265	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1266	* If OpenL() notices that the flow will never be opened,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1267	* it will leave with error, causing the flow to be cancelled.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1268	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1269	* The OpenL tasks:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1270	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1271	* @li Consult the Security Policy and find out what actions
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1272	* need to be done for this flow: reject, pass clear or
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1273	* apply IPsec.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1274	* @li If there are IPsec actions, then allocate a
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1275	* CIpHook object to handle the processing of the flow.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1276	* @li If the actions include tunneling, update the flow
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1277	* selector information to match the outermost tunnel.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1278
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1279	* @param aHead The flow information
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1280	* @param aFlow The flow context (always NON-NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1281	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1282	* @return CIpsecHook or NULL.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1283	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1284	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1285	if (Policy() == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1286	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1287	LOG(Log::Printf(_L("CProtocolSecpol::OpenL() -- No IPSEC policy loaded")));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1288	return NULL; // No Policy, no IPSEC available
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1289	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1290	if (!iAssociationManager)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1291	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1292	LOG(Log::Printf(_L("CProtocolSecpol::OpenL() -- PFKEY not avaiable")));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1293	return NULL; // No CProtocolKey, no IPSEC available
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1294	// (should this cause packet drops instead?)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1295	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1296
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1297	TPolicyFilterInfo filter;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1298	filter.iIndex = aHead.iInterfaceIndex;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1299	filter.iFlags = KPolicyFilter_OUTBOUND;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1300
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1301	iPktInfo.FillZ();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1302	iPktInfo.iProtocol = aHead.iProtocol;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1303	for (const TSnoopHeader *f = snooper; f < snooper_end; ++f)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1304	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1305	if (iPktInfo.iProtocol == f->iProtocol)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1306	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1307	if (f->iSelector <= KLoadLocal)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1308	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1309	iPktInfo.iFlags \|= KTransportSelector_PORTS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1310	iPktInfo.iPortLocal = aHead.iSrcPort;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1311	iPktInfo.iPortRemote = aHead.iDstPort;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1312	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1313	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1314	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1315	iPktInfo.iPortLocal = (TUint16)((aHead.iIcmpType << 8) \| aHead.iIcmpCode);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1316	iPktInfo.iPortRemote = iPktInfo.iPortLocal;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1317	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1318	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1319	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1320	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1321	iPktInfo.iLocal.Set(aHead.ip6.SrcAddr(), aHead.iSrcId);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1322	iPktInfo.iRemote.Set(aHead.ip6.DstAddr(), aHead.iDstId);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1323
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1324	CPolicyAction *items[KIpsecMaxNesting]; // Collected actions [0..count-1]
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	1325
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1326	TInt tunnels = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1327	LOG(LogSelectorInfo(_L("OpenL\t"), iPktInfo, filter));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1328	RPolicySelectorInfo final_info = iPktInfo;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1329	TInt count = CollectBundle(filter, final_info, KIpsecMaxNesting, items, iMyself, tunnels);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1330	if (count < 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1331	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1332	LOG(Log::Printf(_L("\tDROP")));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1333	User::Leave(count);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1334	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1335	else if (count == 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1336	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1337	ASSERT(tunnels == 0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1338	LOG(Log::Printf(_L("\tPASS")));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1339	return NULL;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1340	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1341	ASSERT(tunnels <= count);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1342
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1343	CIpsecHook handle = CIpsecHook::NewL(iAssociationManager, *aFlow, iPktInfo, count, items, tunnels, iMyself);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1344
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1345	LOG(Log::Printf(_L("\tMFlowHook[%u] attached"), (TUint)handle));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1346
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1347	if (tunnels)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1348	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1349	// If tunneling happened, then update the packet head
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1350	// information accordingly.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1351
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1352	aHead.ip6.SetDstAddr(final_info.iRemote());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1353	aHead.iDstId = final_info.iRemote().iScope;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1354	aHead.iSourceSet = 1;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1355	aHead.ip6.SetSrcAddr(final_info.iLocal());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1356	aHead.iSrcId = final_info.iLocal().iScope;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1357	aHead.iProtocol = final_info.iProtocol;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1358	aHead.iDstPort = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1359	aHead.iSrcPort = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1360	aHead.iIcmpType = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1361	aHead.iIcmpCode = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1362	// should set proper tunnel protocol? 4 or 41 depending on outermost inner header?
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1363	aHead.ip6.SetVersion(aHead.ip6.DstAddr().IsV4Mapped() ? 4 : 6);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1364
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1365	// Comment on setting: aHead.iFragment = 1
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1366	// ---------------------------------------
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1367	// It is possible to request fragmentation before the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1368	// IPSEC processing, if the IPSEC is adding the tunnel.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1369	// HOWEVER This would be legal ONLY IF the tunneling
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1370	// SA is the FIRST (or only) transformation. If the policy
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1371	// actions says something like
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1372	// ESP + AH(tunnel)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1373	// then ESP is in transport mode, and applying that to
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1374	// fragments is not ALLOWED. The fragmenting should happen
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1375	// AFTER the ESP transformation, and before the tunneling.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1376	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1377	// This is not possible with current IPSEC hook.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1378	// To enable such feature, either
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1379	// 1) IPSEC must do the fragmenting self
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1380	// 2) IPSEC processing needs to be split into two
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1381	// flow hooks, the first doing the ESP (transport only), and
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1382	// the second requesting fragmentation and doing tunnel + AH
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1383	// (and possible remaining transforms).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1384	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1385	return handle;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1386	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1387
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1388	void CIpsecHook::Close()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1389	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1390	* Decrement reference count.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1391	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1392	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1393	CIpsecReferenceCountObject::Close();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1394	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1395
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1396	void CIpsecHook::Open()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1397	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1398	* Increment reference count.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1399	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1400	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1401	CIpsecReferenceCountObject::Open();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1402	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1403
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1404	TInt CIpsecHook::ReadyL(TPacketHead &aHead)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1405	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1406	* ReadyL implementation for IPsec MFlowHook.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1407	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1408	* The ReadyL calls "propagate" interface ready state up the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1409	* flow. The calls to hooks are made in reverse order, the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1410	* "closest to interface" is called first.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1411	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1412	* This function has following tasks
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1413	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1414	* @li Verify that all Security Associations (SA) required by the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1415	* actions (CPolicyAction) collected in OpenL, are
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1416	* available (call MAssociationManager::Acquire() for
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1417	* each).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1418	* @li If any of the required SA's is not yet available, then
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1419	* block the flow (and ReadyL) process by returning
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1420	* EFlow_PENDING. When the SA's become available, there
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1421	* will be a callback (RHookSA::Callback()). which can
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1422	* set the flow back to READY state and trigger a rerun
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1423	* of the ReadyL chain.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1424	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1425	* @param aHead The packet flow information.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1426	* @return
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1427	* @li == 0, hook is ready, proceed to refresh the next one or
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1428	* mark the flow as READY, if this was the first hook
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1429	* @li > 0 (EFlow_PENDING), hook is not ready, the ReadyL calling
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1430	* is stopped and flow is set to pending state.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1431	* @li < 0, hook detected a permanent error condition. The flow
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1432	* goes into error state.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1433	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1434	* WARNING
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1435	* The ReadyL method can be called multiple times!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1436	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1437	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1438	TInt result = KErrNone;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1439	TInt overhead = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1440
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1441	// ... could ASSERT that current dst/src in packet head is
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1442	// exactly the same as at the end of the OpenL above.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1443
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1444	// Restore upper layer state
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1445	aHead.ip6.SetSrcAddr(iInfo.iLocal());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1446	aHead.iSrcId = iInfo.iLocal().iScope;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1447	aHead.ip6.SetDstAddr(iInfo.iRemote());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1448	aHead.iDstId = iInfo.iRemote().iScope;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1449	if (iInfo.iFlags & KTransportSelector_PORTS)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1450	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1451	aHead.iSrcPort = iInfo.iPortLocal;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1452	aHead.iDstPort = iInfo.iPortRemote;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1453	aHead.iIcmpType = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1454	aHead.iIcmpCode = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1455	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1456	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1457	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1458	aHead.iSrcPort = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1459	aHead.iDstPort = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1460	aHead.iIcmpType = (TUint8)iInfo.iPortLocal;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1461	aHead.iIcmpCode = (TUint8)(iInfo.iPortLocal >> 8);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1462	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1463	aHead.ip6.SetVersion(aHead.ip6.DstAddr().IsV4Mapped() ? 4 : 6);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1464
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1465	const RIpAddress *src = &iInfo.iLocal;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1466	const RIpAddress *dst = &iInfo.iRemote;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1467
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1468	LOG(Log::Printf(_L("ReadyL\tMFlowHook[%u]"), (TUint)this));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1469
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1470	// Try to acquire the actual SA's required by the bundle
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1471
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1472	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1473	// Goes through all SA's, even if some of them fail. This is to
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1474	// get all possible ACQUIRE requests queued on one packet.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1475	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1476	// When entering ready, the head contains the final destination
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1477	// address as defined by possible tunnels. However, this can be
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1478	// ignored, as we have the saved original destination which should
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1479	// be in the packet head after this ReadyL. (And the final destionation
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1480	// should be original destination or the last tunnel from the bundle.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1481	TInt j = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1482	TInt tunnel_mode = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1483	RPolicySelectorInfo info = iInfo;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1484	for (TInt i = 0; i < iCount; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1485	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1486	RHookSA &h = Assoc(i);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1487
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1488	// Save current dst/src for the case of optional item skipped.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1489	const RIpAddress *const dst_opt = dst;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1490	const RIpAddress *const src_opt = src;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1491
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1492	if (!h.iItem->iTunnel().IsNone())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1493	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1494	if (!KOuterIsInner.IsEqual(h.iItem->iTunnel()))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1495	dst = &h.iItem->iTunnel; // destination changed
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1496	src = &Tunnel(j++); // Outer Source Address!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1497	tunnel_mode = 1;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1498	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1499	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1500	tunnel_mode = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1501
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1502	CSecurityAssoc *sa = NULL;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1503	if (h.iItem->iSpec == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1504	h.iState = KErrNone; // Always ready, no SA needed.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1505	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1506	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1507	// Tranformation needs an IPSEC Security Association
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1508	// Because ReadyL can be called multiple times, it is
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1509	// possible to have associations already setup at this
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1510	// point (or only some of them not available yet).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1511	#ifdef SYMBIAN_IPSEC_VOIP_SUPPORT
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1512	if(h.iItem->iSpec->iPropList->Count() > MAX_PROPOSALS_PER_SA)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1513	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1514	User::Leave(EIpsec_MaxTransforms);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1515	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1516	TInt res2 = iMgr.Acquire(sa, h.iItem->iSpec->iSpec, h.iItem->iSpec->iPropList, h.iItem->iTS, src, dst, info, tunnel_mode);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1517	#else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1518	TInt res2 = iMgr.Acquire(sa, h.iItem->iSpec->iSpec, h.iItem->iTS, src, dst, info, tunnel_mode);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1519	#endif // SYMBIAN_IPSEC_VOIP_SUPPORT
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1520	// Note: Acquire returns
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1521	// - KErrNone = EFlow_READY, when SA already exists and is usable
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1522	// - KRequestPending, when a larval SA is created and keymanagement Acquire in progress
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1523	// - KErrNotFound, when SA cannot be allocated for some reason (fatal error, abort flow!)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1524	if (res2 == KRequestPending)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1525	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1526	// The following test is temporary work-around for a
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1527	// bug in PFKEY implementation: the PKFEY does not properly
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1528	// check whether the SA reply to ACQUIRE matches request. It
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1529	// just changes the matching egg SA into MATURE state.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1530	// If above acquire returns pending (no matching SA exists),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1531	// and we already have a "MATURE" SA assigned, then assume
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1532	// the key manager is not providing a correct SA for the ACQUIRE.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1533	// To prevent continous ACQUIRE looping, abort flow.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1534	const CSecurityAssoc *const sa2 = h.Association();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1535	if (sa != sa2 && sa2 && sa2->State() == SADB_SASTATE_MATURE)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1536	res2 = EIpsec_AcquireFailed;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1537	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1538	res2 = EFlow_PENDING;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1539	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1540	h.iState = res2; // Remember the last result for SA.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1541	#ifdef _LOG
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1542	if (res2 > 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1543	LogBundleItem(_L("\t\tWaiting SA: "), *h.iItem, sa);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1544	else if (res2 == 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1545	LogBundleItem(_L("\t\tSA ready: "), *h.iItem, sa);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1546	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1547	LogBundleItem(_L("\t\tSA unavailable: "), *h.iItem, sa);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1548	#endif
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1549	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1550	// Keep the first error as final error... however, fatal error
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1551	// state ( < 0) should override any pending error state ( > 0).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1552	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1553	if (h.iItem->iOptional)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1554	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1555	if (res2 != KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1556	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1557	// Optional item not ready, cancel address changes.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1558	// (this is not 100% correct--now the following
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1559	// SA's are requested with the old addresses, and
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1560	// will become incorrect, if the optional SA appears
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1561	// at some later stage without ReadyL being rerun!)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1562	dst = dst_opt;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1563	src = src_opt;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1564	tunnel_mode = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1565	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1566	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1567	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1568	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1569	// Only obligatory items affect final result.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1570	if (result == KErrNone \|\| (result > 0 && res2 < 0))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1571	result = res2;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1572	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1573	// For after tunnel, the pktinfo must be changed too..
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1574	if (tunnel_mode)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1575	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1576	info.iRemote = *dst;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1577	info.iLocal = *src;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1578	AfterTunnelAction(info);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1579	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1580	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1581	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1582	// Whatever the result was, attach the new SA (possibly NULL or same as before)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1583	// to the handle.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1584	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1585	h.Reset(sa);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1586	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1587	// Find out how much overhead this transform adds to a packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1588	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1589	overhead += iMgr.Overhead(sa, h.iItem->iTunnel());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1590	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1591
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1592	if (result == KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1593	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1594	// If all SA's are available, the header space requirement
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1595	// is now known (coded in a way that allows this to change
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1596	// dynamicalle, if required)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1597	iFlow.iHdrSize += overhead;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1598	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1599	return result;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1600	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1601
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1602	TInt CIpsecHook::ApplyL(RMBufSendPacket &aPacket, RMBufSendInfo &aInfo)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1603	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1604	* Apply the IPsec actions to the outgoing packet.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1605	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1606	* This is part of IPv6 outgoing packet hook processing.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1607	* @li aPacket is the outgoing packet. It is FULL packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1608	* and already includes the outgoing IPv6 header. If
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1609	* the hook needs to do any modifications to the outgoing
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1610	* packet, it must make them into aPacket.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1611	* @li aPacket has an info block associated. The info->iLength
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1612	* MUST be maintained, if any change affects it.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1613	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1614	* @param aPacket The IP packet to process (unpacked).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1615	* @param aInfo The unpacked info block associated with the aPacket.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1616	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1617	* @return (as specified for the hook mechanism)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1618	* @li Any Leave causes the packet to be dropped
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1619	* @li = 0, pass on to the next output hook
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1620	* @li < 0, the hook took "ownership" of the packet (usually
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1621	* just dropped it explicitly), "Send aborted" return!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1622	* @li > 0, This return value is not used at this
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1623	* point. Do not return with > 0!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1624	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1625	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1626	TInt tunnel = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1627	const TIpAddress *dst = &iInfo.iRemote();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1628	for (TInt i = 0; i < iCount; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1629	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1630	const RHookSA &h = Assoc(i);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1631
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1632	// Save current dst for the case of optional item skipped.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1633	// (src does not need to be saved, because for non-tunnels,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1634	// the source is already in the packet, and for tunnels,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1635	// the source is always taken from the Tunnel(x). And even
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1636	// the saved dst is only needed for the case where outer tunnel
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1637	// dst is defined to be same as inner).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1638	const TIpAddress *const dst_opt = dst;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1639
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1640	const TIpAddress *tunnel_address = &h.iItem->iTunnel();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1641	if (!tunnel_address->IsNone())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1642	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1643	// Pass outer src in the info
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1644	TInetAddr::Cast(aInfo.iSrcAddr).SetAddress(Tunnel(tunnel++)());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1645	// [should also set aInfo.iDstAddr ?]
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1646
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1647	// Use the previous dst as tunnel address, if tunnel is defined as all-ones
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1648	if (KOuterIsInner.IsEqual(*tunnel_address))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1649	tunnel_address = dst;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1650	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1651	dst = tunnel_address;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1652	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1653	// NOTE
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1654	// The IPSEC engine ApplyL does not follow the hook Apply return values
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1655	// fully. It never reseases the packet and error return is just a signal
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1656	// that transformation failed. Perhaps should do something? For now,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1657	// just convert error return to leave! -- msa
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1658	if (h.iState == KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1659	User::LeaveIfError(iMgr.ApplyL(h.Association(), aPacket, aInfo, *tunnel_address));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1660	else if (!h.iItem->iOptional)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1661	User::Leave(EIpsec_LostSA);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1662	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1663	dst = dst_opt;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1664	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1665	// ApplyL may notice that SA is DYING or already dead, when DYING the flow
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1666	// should be set to pending after this packet (and renegotiation of SA
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1667	// sould be activated). If DEAD, the same happens, but additionally the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1668	// packet is dropped.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1669	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1670	return KErrNone;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1671	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1672
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1673	// CProtocolSecpol::UpdateTunnelInterface
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1674	// **************************************
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1675	// The problem: when applying IPSEC detunneling, the inner source and destination
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1676	// addresses must be acceptable for the "inbound interface". When VPN tunnels are
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1677	// in use, the addresses are normally not valid for the real interface and IPsec
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1678	// must update the iInterfaceIndex to point to the proper VPN interface, so that
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1679	// the checks pass.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1680	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1681	// Just using the inner destination and searching for any interface that would
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1682	// accept packets for that address only work for unique addresses. If there are
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1683	// overlapping ranges (10-nets) or IPv6 scoped addresses (site or link local),
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1684	// then the scope id is required.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1685	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1686	// Assume CSecurityAssoc::TunnelIndex() must return the interface index of the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1687	// associated VPN tunnel interface, if non-zero. (this does not care how
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1688	// such thing got associated with the SA...)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1689	void CProtocolSecpol::UpdateTunnelInterface(RMBufRecvInfo &aInfo, const CSecurityAssoc *const aSa)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1690	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1691	if (aSa && aSa->TunnelIndex())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1692	aInfo.iInterfaceIndex = aSa->TunnelIndex();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1693	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1694
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1695	void CProtocolSecpol::CheckPacketId(RMBufHookPacket &aPacket)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1696	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1697	* Detect when packet has changed.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1698	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1699	* The IPsec hook can get multiple calls from the same packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1700	* to various hooks that it has installed, and they collect state
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1701	* information into the member variables of the CProtocolSecpol.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1702	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1703	* The state information contains
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1704	* - IPsec transforms done
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1705	* - Fragment information
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1706	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1707	* Sometimes, some other hook or component just throws the packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1708	* away. IPsec needs to reset the collected information, if packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1709	* is changed.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1710	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1711	* The network layer tags each packet with id, which can be used
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1712	* for this purposed (RMBufRecvInfo::HookValue(0)).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1713	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1714	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1715	const TUint32 packet_id = aPacket.HookValue(0);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1716	ASSERT(packet_id); // The packet id must be present!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1717	if (packet_id == iPacketId)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1718	return;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1719
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1720	// A new packet is being processed, scrap previous
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1721	// SA and tunnel information.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1722	if (iIsFragment)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1723	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1724	CIpsecFragmentInfo **h = &iFrags;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1725	CIpsecFragmentInfo *f;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1726
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1727	// Count the number of currently stored states,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1728	// and release all that are over the maximum
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1729	// count (from the end of chain, oldest ones first).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1730	for (TInt count = 0; (f = *h) != NULL;)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1731	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1732	if (++count >= KIpsecMaxFragmentInfo)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1733	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1734	// Too many Fragment states stored, delete
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1735	// the entry
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1736	*h = f->iNext;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1737	delete f;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1738	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1739	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1740	h = &f->iNext;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1741	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1742	// The other packet was a fragment, need to save
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1743	// the information for later use. Adds the new
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1744	// information in front of the list.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1745	f = CIpsecFragmentInfo::New(iCountSA);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1746	if (f)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1747	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1748	f->iId = iId;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1749	f->iSrc = iSrc;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1750	f->iDst = iDst;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1751	for (TInt i = 0; i < f->iCount; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1752	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1753	// Copy a reference to the SA
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1754	(*f)[i].iSA.Reset(iSA[i].Association());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1755	(*f)[i].iTunnel = iTunnel[i]();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1756	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1757	f->iNext = iFrags;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1758	iFrags = f;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1759	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1760	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1761	iPacketId = packet_id;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1762	iCountSA = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1763	iIsFragment = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1764	iIsTunnelMode = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1765	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1766
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1767	TInt CProtocolSecpol::CheckFragmentPolicy()
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1768	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1769	* Verify fragment policy.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1770	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1771	* A fragment has been detected. Need to check that if there are other fragments
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1772	* of the same packet, they all have been protected with the same IPsec.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1773	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1774	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1775	CIpsecFragmentInfo **h = &iFrags;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1776	CIpsecFragmentInfo *f;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1777	for (;(f = *h) != NULL; h = &f->iNext)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1778	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1779	if (f->iId != iId \|\| f->iSrc != iSrc \|\| f->iDst != iDst)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1780	continue;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1781
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1782	// A matching fragment information already exists in the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1783	// list. This means that we have already received other
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1784	// fragment(s) of this packet and now must check that all
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1785	// applied IPSEC is same for all fragments.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1786	for (TInt i = 0; i < f->iCount; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1787	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1788	if ((*f)[i].iSA.Association() != iSA[i].Association() \|\|
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1789	(*f)[i].iTunnel != iTunnel[i]())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1790	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1791	// A mismatch has been detected. Either this or previous
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1792	// fragment had invalid IPSEC applied. There is no way
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1793	// to know which one, thus just drop the current.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1794	return EIpsec_FragmentMismatch;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1795	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1796	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1797	// All applied IPSEC matches, release the stored information
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1798	*h = f->iNext;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1799	delete f;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1800	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1801	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1802	return KErrNone;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1803	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1804
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1805	TInt CProtocolSecpol::TransformL(RMBufHookPacket &aPacket, RMBufRecvInfo &aInfo)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1806	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1807	* Do IPsec transforms for incoming packet.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1808	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1809	* The CProtocolIpsec binds to AH, ESP and UDP (for NAT traversal), but delegates
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1810	* actual processing to this main class -- CProtocolIpsec::ApplyL() just calls
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1811	* this TransformL() directly.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1812	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1813	* Additionally, CProtocolIpsec hooks the IPv6 Fragment header to detect
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1814	* IPv6 fragments.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1815	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1816	* @li Recognize the AH and ESP, and unwrap them from the packet,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1817	* and remember the transforms as packet state.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1818	* @li Recognize the special UDP that does the NAT traversal
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1819	* @li Recognize fragments that are uncovered by detunneling
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1820	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1821	* @param aPacket The incoming packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1822	* @param aInfo The packet info.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1823	* @return KIp6Hook_PASS, KIp6Hook_DONE or error, depending on conditions.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1824	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1825	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1826	TInt reason = KErrNotSupported;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1827	CheckPacketId(aPacket); // Do the packet id check
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1828
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1829	for (;;)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1830	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1831	if (!iAssociationManager)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1832	break; // No CProtocolKey ==> Drop Packet!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1833	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1834	// A reminder: Nothing says that the same SA cannot apply
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1835	// multiple times to a packet (although it would be a weird
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1836	// policy to define). Thus, beware that table may include
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1837	// multiple pointers to the same SA. However, iProtocolKey->ApplyL
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1838	// returns an error, if the SA expires and the packet is dropped
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1839
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1840	const TUint id = aInfo.iProtocol;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1841	const TInt is_udp = (id == KProtocolInetUdp);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1842
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1843	if (aInfo.iIcmp)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1844	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1845	// An ICMP Error report, where the returned packet contains
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1846	// ESP or AH header supposedly generated by this host...
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1847	if (is_udp)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1848	return KIp6Hook_PASS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1849	reason = EIpsec_IcmpError;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1850	break; // Not much one can do...
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1851	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1852
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1853	if (id == KProtocolInetEsp)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1854	// There will be ESP processing, for temporary security fix,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1855	// prevent this packet from being used in ICMP Error
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1856	// reports -- msa
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1857	aInfo.iFlags \|= KIpNeverIcmpError;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1858	else if (id == KProtocolInetIpip)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1859	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1860	// Extract Fragment information from the IPv4 IP Header
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1861	TInet6Packet<TInet6HeaderIP4> ip(aPacket, aInfo.iOffset);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1862	if (ip.iHdr == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1863	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1864	reason = EIpsec_CorruptPacketIn;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1865	break; // Drop! (packet too short)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1866	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1867	if (ip.iHdr->MF() != 0 \|\| ip.iHdr->FragmentOffset() != 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1868	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1869	iIsFragment = 1;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1870	iId = ip.iHdr->Identification() \| (ip.iHdr->Protocol() << 16);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1871	// What should the scope id be?
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1872	iSrc.SetAddress(ip.iHdr->SrcAddr());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1873	iDst.SetAddress(ip.iHdr->DstAddr());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1874	reason = CheckFragmentPolicy();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1875	if (reason < 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1876	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1877	return KIp6Hook_PASS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1878	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1879	return KIp6Hook_PASS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1880	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1881	else if (id == KProtocolInet6Fragment)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1882	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1883	// Extract Fragment information from the IPv6 Fragment Header
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1884	TInet6Packet<TInet6HeaderFragment> fh(aPacket, aInfo.iOffset);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1885	if (fh.iHdr == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1886	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1887	reason = EIpsec_CorruptPacketIn;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1888	break; // Drop! (packet too short)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1889	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1890	iIsFragment = 1;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1891	iId = fh.iHdr->Id();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1892	iSrc.SetAddress(aInfo.iSrcAddr);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1893	iDst.SetAddress(aInfo.iDstAddr);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1894	reason = CheckFragmentPolicy();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1895	if (reason < 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1896	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1897	return KIp6Hook_PASS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1898	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1899
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1900	if (iCountSA == KIpsecMaxNesting)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1901	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1902	reason = EIpsec_MaxTransforms;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1903	break; // Too deep nesting!!!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1904	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1905
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1906	iMyself[iCountSA].Set(TInetAddr::Cast(aInfo.iDstAddr));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1907	CSecurityAssoc *sa = NULL;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1908	TIpAddress tunnel;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1909	reason = iAssociationManager->ApplyL(sa, aPacket, aInfo, id, tunnel);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1910	iTunnel[iCountSA].Set(tunnel, tunnel.iScope);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1911
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1912	if (reason == EIpsec_NotANATTPacket)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1913	return KIp6Hook_PASS; // The packet was a normal UDP packet, pass through
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1914	else if (reason < 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1915	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1916	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1917	// ApplyL wants the packet dropped
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1918	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1919	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1920	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1921	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1922	// If id (= protocol) was UDP, do not increment iCountSA
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1923	// The current packet has been an UDP capsulated ESP packet from
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1924	// which the UDP header is now been removed
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1925	if (!is_udp)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1926	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1927	// If detunneling happened, there is a need to change
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1928	// the interface index based on inner destination! -- msa
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1929	if (!iTunnel[iCountSA]().IsNone())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1930	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1931	UpdateTunnelInterface(aInfo, sa);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1932	iIsTunnelMode = 1; // (should actually take this flag from the SA --msa)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1933	};
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1934	iSA[iCountSA++].Reset(sa); // Attach the returned sa to the handle
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1935	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1936	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1937	// The packet has been changed, report this to the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1938	// caller.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1939	aInfo.iProtocol = reason;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1940	return KIp6Hook_DONE;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1941	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1942	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1943	// A Packet is dropped, deliver a copy to potentially interested
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1944	// parties (should have some limiter here?)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1945	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1946	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1947	// NOTE
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1948	// The reason for the packet drop is now passed in the Port
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1949	// field of the info.iSrcAddr. Somewhat kludgy... --msa
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1950	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1951	iCountSA = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1952	LOG(Log::Printf(_L("IPSEC Transform (%d) failed %d"), aInfo.iProtocol, reason));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1953	aInfo.iSrcAddr.SetPort(reason);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1954	Deliver(aPacket);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1955	aPacket.Free();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1956	return reason;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1957	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1958
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1959	TInt CProtocolSecpol::ApplyL(RMBufHookPacket &aPacket, RMBufRecvInfo &aInfo)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1960	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1961	* Peek at the packet before "upper layer".
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1962	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1963	* The Secpol installs a hook that request the stack to show each packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1964	* to IPsec just before it is given to the final upper layer protocol,
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1965	* such as UDP and TCP, but also any other protocol which is not
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1966	* handled as an extension header. Note that this includes IP-in-IP
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1967	* tunneling protocols.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1968	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1969	* The method compares an incoming packet and accumulated IPsec state
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1970	* against the security policy and decides whether the packet is to be
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1971	* allowed in.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1972	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1973	* @param aPacket The packet in "unpacked" state
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1974	* @param aInfo The packet information block
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1975	* @return As specified for the hook mechanism
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1976	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1977	* - any Leave causes packet to be dropped
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1978	* - return < 0, the hook took "ownership" of the packet (usually just dropped it explicitly)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1979	* - return == KIp6Hook_PASS, pass the packet to the next hook
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1980	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1981	* Note, the return "KIp6Hook_DONE" is not used by Secpol here.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1982	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1983	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1984	CSecurityPolicy *const policy = Policy();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1985	if (policy == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1986	return KIp6Hook_PASS; // No Policy ==> No security Check, pass all
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1987
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1988	if (iIsTunnelMode)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1989	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1990	// This IPSEC on top of IP-tunnel, and detunneling is being delegated to the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1991	// IP layer. As it is treated as "transport protocol", IPSEC gets called
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1992	// for a policy check. But, if the IPSEC is in tunnel mode, the policy check
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1993	// needs to be delayed until some inner transport header..
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1994	ASSERT(aInfo.iProtocol == KProtocolInetIpip \|\| aInfo.iProtocol == KProtocolInet6Ipip);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1995	iIsTunnelMode = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1996	return KIp6Hook_PASS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1997	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1998
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1999	TInt reason = KErrNotSupported;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2000	const TUint id = aInfo.iProtocol;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2001	TPolicyFilterInfo filter;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2002
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2003	if (!iAssociationManager)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2004	User::Leave(reason); // No CProtocolKey ==> Drop Packet!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2005	CheckPacketId(aPacket);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2006
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2007	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2008	// Now is the time to check the whether the accumulated
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2009	// IPSEC matches the policy...
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2010	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2011	// The topmost header in packet now holds the packet that
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2012	// should correspond something to which the policy is
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2013	// applied.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2014	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2015	// For Inbound, Local = Destination address, of the packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2016	// Remote = Source Address of the packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2017	filter.iIndex = aInfo.iInterfaceIndex;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2018	filter.iFlags = KPolicyFilter_INBOUND;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2019	iPktInfo.FillZ();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2020	// (The addresses in info are already in IPv6 format)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2021	iPktInfo.iLocal.Set(TInetAddr::Cast(aInfo.iDstAddr));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2022	iPktInfo.iRemote.Set(TInetAddr::Cast(aInfo.iSrcAddr));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2023
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2024	// Retrieve all available selector information from the packet
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2025	// (requires some layer breaking snooping...)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2026	for (const TSnoopHeader *f = snooper; f < snooper_end; ++f)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2027	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2028	if (f->iProtocol == id)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2029	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2030	TInet6Packet<TUpperLayerSnoop> snoop(aPacket, aInfo.iOffset);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2031	const TUpperLayerSnoop *const hdr = snoop.iHdr;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2032	if (hdr == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2033	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2034	reason = EIpsec_CorruptPacketIn;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2035	goto drop;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2036	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2037	switch (f->iSelector)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2038	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2039	case KLoadPorts:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2040	iPktInfo.iPortRemote = hdr->Port(f->iO1); // src port is remote port for incoming
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2041	/* Fall through */
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2042	case KLoadLocal:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2043	iPktInfo.iPortLocal = hdr->Port(f->iO2); // dst port is local port for incoming
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2044	iPktInfo.iFlags \|= KTransportSelector_PORTS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2045	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2046	case KLoadBoth:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2047	iPktInfo.iPortLocal = hdr->Byte(f->iO2); // ...load code to lower 8 bits.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2048	/* Fall through */
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2049	case KLoadType:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2050	iPktInfo.iPortLocal \|= hdr->Byte(f->iO1) << 8; // ..load type to upper 8 bits.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2051	iPktInfo.iPortRemote = iPktInfo.iPortLocal;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2052	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2053	default:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2054	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2055	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2056	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2057	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2058	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2059	iPktInfo.iProtocol = (TUint8)id;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2060
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2061	if (aInfo.iIcmp == 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2062	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2063	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2064	// However, if this call is normal processing call for ICMP, check if the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2065	// ICMP is actually an error report. In such case trust the main loop
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2066	// to call this hook again with iIcmp != 0 (it's a bit delicate, as
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2067	// the check for ERROR ICMP must exactly match the check in the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2068	// IP layer, or this will pass ICMP packets that are not allowed by
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2069	// the policy!!!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2070	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2071	if (id == KProtocolInet6Icmp)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2072	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2073	if (iPktInfo.iPortLocal < (128<<8))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2074	return KIp6Hook_PASS; // Wait for error processing call!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2075	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2076	else if (id == KProtocolInetIcmp)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2077	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2078	switch (iPktInfo.iPortLocal >> 8)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2079	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2080	case KInet4ICMP_Unreachable: // Destination unreachable
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2081	case KInet4ICMP_SourceQuench: // Source Quench
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2082	case KInet4ICMP_Redirect: // Redirect request
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2083	case KInet4ICMP_TimeExceeded: // Time Exceeded
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2084	case KInet4ICMP_ParameterProblem: // Parameter Problem
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2085	return KIp6Hook_PASS; // Wait for error processing call!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2086	default:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2087	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2088	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2089	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2090	// Not an ICMP or normal ICMP, do the policy check with current info
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2091	}
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2092
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2093	//Check for the UMA feature support
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2094	CheckFeatureSupportL(NFeature::KFeatureIdFfIpsecUmaSupportEnable);
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2095	for (;;)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2096	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2097	CPolicyAction *items[KIpsecMaxNesting];
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2098	TInt tunnels = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2099
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2100	RPolicySelectorInfo final_info = iPktInfo;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2101	const TInt count = CollectBundle(filter, final_info, KIpsecMaxNesting, items, NULL, tunnels);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2102	if (count < 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2103	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2104	reason = count;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2105	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2106	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2107
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2108	const RIpAddress *dst = &iPktInfo.iLocal; // initial destination is the inner dst (iLocal of incoming)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2109	const RIpAddress *src = &iPktInfo.iRemote; // initial source is the inner src (iRemote of incoming)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2110
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2111	for (TInt j = 0; j < count; j++)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2112	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2113	const CPolicyAction &item = *items[j];
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2114
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2115	// Need to save current src/dst in case optional
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2116	// processing is done (only pointers saved).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2117	const RIpAddress *const dst_opt = dst;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2118	const RIpAddress *const src_opt = src;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2119
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2120
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2121	if (--iCountSA < 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2122	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2123	reason = EIpsec_TooFewTransforms;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2124	goto optional;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2125	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2126	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2127	// Verify that the tunnel address (if any) matches with
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2128	// the policy entry.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2129	if (!item.iIsTunnel)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2130	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2131	if (!iTunnel[iCountSA]().IsNone())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2132	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2133	reason = EIpsec_TunnelMismatch;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2134	goto optional;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2135	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2136	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2137	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2138	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2139	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2140	// If a tunnel is specified, all remaining SA's have the src
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2141	// address of the this tunnel
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2142	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2143	if (item.iTunnel().IsNone())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2144	src = &iTunnel[iCountSA]; // Match tunnel from any source.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2145	else if (!KOuterIsInner.IsEqual(item.iTunnel()))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2146	src = &item.iTunnel; // == Outer src
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2147
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2148	// From the result of TAHI Tunnel test, there is some reason that cause the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2149	// "src" not eual to iTunnel[iCountSA] but equal to iMyself[iCountSA], that
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2150	// will leads to "EIpsec_TunnelMismatch" error in original code.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2151	if (iTunnel[iCountSA]() != (*src)())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2152	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2153	if (iMyself[iCountSA]() != (*src)())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2154	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2155	reason = EIpsec_TunnelMismatch;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2156	goto optional;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2157	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2158	src = &iTunnel[iCountSA]; //set "src" to tunnel address
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2159	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2160	dst = &iMyself[iCountSA];
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2161	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2162
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2163	if (item.iSpec)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2164	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2165	// An IPSEC SA is required
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2166	if (iSA[iCountSA].Association() == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2167	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2168	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2169	// SA was present when the AH or ESP was processed, but now appears to have
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2170	// disappeared. Expired, because it was used in two transforms, and latter
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2171	// expired? I don't expect to see this error, but just in case... -- msa
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2172	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2173	reason = EIpsec_LostSA;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2174	goto drop;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2175	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2176	#ifdef SYMBIAN_IPSEC_VOIP_SUPPORT
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2177	else if ((reason = iAssociationManager->Verify(iSA[iCountSA].Association(), item.iSpec->iSpec,item.iSpec->iPropList, src, dst, iPktInfo)) == KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2178	#else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2179	else if ((reason = iAssociationManager->Verify(iSA[iCountSA].Association(), item.iSpec->iSpec, src, dst, iPktInfo)) == KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2180	#endif // SYMBIAN_IPSEC_VOIP_SUPPORT
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2181	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2182	if (item.iIsTunnel)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2183	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2184	// If it was a tunnel mode, need update the packet specific
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2185	// information for the remaining SA's.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2186	iPktInfo.iRemote = *src;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2187	iPktInfo.iLocal = *dst;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2188	AfterTunnelAction(iPktInfo);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2189	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2190	continue;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2191	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2192	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2193	else if (iSA[iCountSA].Association())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2194	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2195	// Note: Above test may not work in general: if the packet contains two
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2196	// IPSEC layers using the same SA, and if the later application expires
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2197	// the SA, the iAssociation member of the first one disappears too!!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2198	// [in such case, instead of reporting unrequired SA, it would just
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2199	// accept it--probably not a serious mishap...]
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2200	// However, would not get this far? Expiry would drop the packet at
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2201	// apply phase or the other SA would not verify anyway? -- msa
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2202	reason = EIpsec_UnrequiredSA;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2203	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2204	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2205	continue;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2206
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2207	optional: // Only gets here in case there is a mismatch. If
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2208	// the item is optional, then retest the current
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2209	// with the next item.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2210	if (!item.iOptional)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2211	goto drop;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2212	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2213	// Restore to same state for the next item
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2214	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2215	++iCountSA;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2216	dst = dst_opt;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2217	src = src_opt;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2218	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2219	#ifdef __WINS__
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2220	if (iCountSA > 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2221	#else /__WINS__/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2222	if ((KIPsecTunnelInTunnel == 0) && (iCountSA > 0))
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2223	#endif /__WINS__/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2224	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2225	reason = EIpsec_TooManyTransforms;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2226	break;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2227	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2228	#ifndef __WINS__
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2229	//This is for logging only would be removed during MCL submission
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2230	else if(KIPsecTunnelInTunnel == 1)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2231	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2232	//This is for logging only would be removed during MCL submission
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2233	LOG(Log::Printf(_L("\nKIPsecTunnelInTunnel=1 enabled")));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2234	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2235	#endif /* __WINS__*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2236	// NOTE
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2237	// There is no need to detach the SA's from the handles. Handle does
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2238	// not prevent SA from being deleted! Just clearing iCountSA is OK!
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2239	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2240	return KIp6Hook_PASS;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2241	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2242	drop:
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2243	// A Packet is dropped, deliver a copy to potentially interested
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2244	// parties (should have some limiter here?)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2245	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2246	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2247	// NOTE
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2248	// The reason for the packet drop is now passed in the Port
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2249	// field of the info.iSrcAddr. Somewhat kludgy... --msa
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2250	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2251	LOG(LogSelectorInfo(_L("incoming: "), iPktInfo, filter));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2252	LOG(Log::Printf(_L("\tpolicy check failed %d"), reason));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2253
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2254	iCountSA = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2255	aInfo.iSrcAddr.SetPort(reason);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2256	Deliver(aPacket);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2257	aPacket.Free();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2258	return reason;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2259	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2260
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2261	//
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2262
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2263	CServProviderBase* CProtocolSecpol::NewSAPL(TUint aSockType)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2264	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2265	* Create a new instance of CProviderSecpol for a socket opened by an application.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2266	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2267	* This socket can be used to load the security policy and to listen
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2268	* what packets are dropped due to current policy.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2269	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2270	* This is called from socket server.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2271	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2272	* @param aSockType Must be KSockRaw
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2273	* @return new CProviderSecpol instance.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2274	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2275	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2276	if (aSockType!=KSockRaw)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2277	User::Leave(KErrNotSupported);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2278	CProviderSecpol pSAP = new (ELeave) CProviderSecpol(this);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2279	iSAPlist.AddLast(*pSAP);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2280	return pSAP;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2281	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2282
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2283	void CProtocolSecpol::FixupInterfaceIndexes(CSecurityPolicy *aPolicy)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2284	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2285	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2286	* Complete the interfaces with index.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2287	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2288	* If the policy contains interface specific policies, then
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2289	* one must at this point convert the interface names into
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2290	* actual interface indexes.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2291	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2292	if (aPolicy && aPolicy->iInterfaces && NetworkService())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2293	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2294	// First, find the real interface indexes
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2295	for (CSelectorInterface *si = aPolicy->iInterfaces; si != NULL; si = si->iNext)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2296	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2297	si->iInterfaceIndex = GetInterfaceIndex(*si->iName);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2298	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2299	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2300	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2301
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2302	TInt CProtocolSecpol::SetPolicy(const TDesC &aPolicy, TUint &aOffset)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2303	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2304	* Replace the current security policy database with a new one.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2305	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2306	* Called from CProviderSecpol::Write(). The tasks are
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2307	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2308	* @li Convert the policy definition string into internal format (CSecurityPolicy)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2309	* using the parser CSecurityPolicy::SetPolicy().
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2310	* @li Complete the CPolicyInterface objects with indexes (FixupInterfaceIndexes()).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2311	* @li The policy parser creates the algorithm map (CAlgorithmList) as a "side effect".
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2312	* Pass the new algorithm map to the MAssociationManager::SetAlgorithms().
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2313	* @li Notify stack that all flows must be re-negotiated (MNetworkService::SetChanged()).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2314	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2315	* @param aPolicy The new security policy
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2316	* @retval aOffset Current parsing point (also starting point initially)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2317	* @return KErrNone, if success and < 0 otherwise
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2318	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2319	* In case of error, the aOffset indicates the position in
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2320	* aPolicy at which the parsing terminated.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2321	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2322	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2323	if (iAssociationManager == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2324	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2325	LOG(Log::Printf(_L("CProtocolSecpol::SetPolicy -- cannot load because PFKEY is not running")));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2326	return KErrNotReady;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2327	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2328
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2329	const TInt res = CSecurityPolicy::SetPolicy(iPolicy, aPolicy, aOffset, iAssociationManager->EndPointCollection());
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2330	if (res != KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2331	return res;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2332
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2333	if (iPolicy == NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2334	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2335	LOG(Log::Printf(_L("New policy is empty")));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2336	return KErrNone;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2337	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2338	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2339	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2340	FixupInterfaceIndexes(iPolicy);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2341	#ifdef _LOG
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2342	Log::Printf(_L("New policy:"));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2343	iAssociationManager->EndPointCollection().LogPrint(_L("ep\t%S = { %S }"));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2344	TInt i = 0;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2345	for (CPolicySelector *ps = iPolicy->iSelectors; ps != NULL; ps = ps->iNext)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2346	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2347	const TInt N = ps->iActions.Count();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2348	TBuf<6> seq;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2349	seq.AppendFormat(_L("%3d.\t"), ++i);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2350	LogPolicySelector(seq, *ps);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2351	if (ps->iFilterData & KPolicyFilter_DROP)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2352	Log::Printf(_L("\t\tDROP"));
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2353	//UMA support REQ417-40027
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2354	if(ps->iFilterData & KPolicyFilter_Exception)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2355	Log::Printf(_L("\t\t = { UMAException %d }"),ps->iScope_Exception);
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2356
0 af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2357	else if (N == 0)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2358	Log::Printf(_L("\t\tPASS"));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2359	else
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2360	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2361	for (TInt i = 0; i < N; ++i)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2362	LogBundleItem(_L("\t\t"), *ps->iActions[i]);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2363	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2364	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2365	Log::Printf(_L("---"));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2366	#endif
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2367	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2368
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2369	// Currently, the algorithm map results as a side effect
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2370	// from the policy loading operation (it really should be
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2371	// independent configuration file). Pass the map to the
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2372	// PFKEY protocol.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2373	iAssociationManager->SetAlgorithms(iPolicy->iAlgorithms);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2374
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2375	if (NetworkService())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2376	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2377	// New policy has been installed, request rechecking of
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2378	// all open flows...
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2379	NetworkService()->SetChanged();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2380	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2381
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2382	return KErrNone;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2383	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2384
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2385	void CProtocolSecpol::Deliver(RMBufPacketBase& aPacket)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2386	/**
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2387	* Deliver a copy of dropped packets to policy sockets.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2388	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2389	* This method sends a copy of the packet to all currently open Policy sockets.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2390	* This is called from the CProtocolSecpol ApplyL methods for each packet that
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2391	* is dropped. A copy of the packet is made for each open policy socket and
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2392	* delivered by a Deliver method of the SAP (see CProviderSecpol::Deliver).
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2393	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2394	* An application that opens a policy socket, but is not reading it, should close
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2395	* the input side (Shutdown), so that the queue of the dropped packets will
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2396	* not waste memory resources in the kernel.
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2397	*
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2398	* @param aPacket The packet to be dropped
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2399	*/
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2400	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2401	CProviderSecpol* sap;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2402	TDblQueIter<CProviderSecpol> iter(iSAPlist);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2403
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2404	while (sap = iter++, sap != NULL)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2405	if (sap->IsReceiving())
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2406	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2407	RMBufRecvPacket copy;
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2408	TRAPD(err, aPacket.CopyL(copy); aPacket.CopyInfoL(copy));
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2409	if (err == KErrNone)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2410	{
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2411	copy.Pack();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2412	sap->Deliver(copy);
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2413	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2414	// Can allways call free (if Deliver() took the packet, this is NOP)
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2415	copy.Free();
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2416	}
af10295192d8 Revision: 201004 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2417	}
20 7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2418
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2419	void CProtocolSecpol::CheckFeatureSupportL(TUid aFeature)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2420	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2421	// Check Gan support from feature manager
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2422	iIPSecGANSupported = CFeatureDiscovery::IsFeatureSupportedL(aFeature);
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2423	if(iIPSecGANSupported != (TInt)ETrue)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2424	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2425	LOG(Log::Printf(_L("CProtocolSecpol::CheckFeatureSupport Error Checking Feature Support ")));
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2426	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2427	else
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2428	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2429	LOG(Log::Printf(_L("CProtocolSecpol::CheckFeatureSupport %d Feature Supported %d"),aFeature,iIPSecGANSupported));
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2430	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2431	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2432
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2433	//UMA support
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2434	//Check for exception selector being loaded or not. This is required for Drop mode policy
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2435	//If policy is set as
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2436	// inbound = drop
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2437	// outbound = drop
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2438	// then instead returning Excetion selectors should be checked.
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2439	void CProtocolSecpol::CheckExceptionSelector(TBool &aException_flag) const
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2440	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2441	aException_flag = EFalse;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2442	if(iIPSecGANSupported)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2443	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2444	for(CPolicySelector *policy_Exception = iPolicy->iSelectors; policy_Exception != NULL ; policy_Exception = policy_Exception->iNext)
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2445	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2446	if(((policy_Exception->iFilterData & KPolicyFilter_Exception) == KPolicyFilter_Exception))
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2447	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2448	aException_flag = ETrue;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2449	break;
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2450	}//if
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2451	}//for
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2452	}//if
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2453	else
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2454	{
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2455	LOG(Log::Printf(_L("CProtocolSecpol::CheckExceptionSelector Feature is not Supported")));
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2456	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2457	}
7e41d162e158 Revision: 201033 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 0 diff changeset	2458

author	Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
	Thu, 19 Aug 2010 11:25:30 +0300
branch	RCL_3
changeset 20	7e41d162e158
parent 0	af10295192d8
child 21	abbed5a4b42a
permissions	-rw-r--r--