Mercurial Mercurial > oss > MCL > sf > os > networkingsrv / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
networksecurity/ipsec/ipsecpol/src/ipsecpolmanconflict.cpp
branchRCL_3
changeset 22 8d540f55e491
parent 21 abbed5a4b42a 
--- a/networksecurity/ipsec/ipsecpol/src/ipsecpolmanconflict.cpp	Tue Aug 31 16:45:15 2010 +0300
+++ b/networksecurity/ipsec/ipsecpol/src/ipsecpolmanconflict.cpp	Wed Sep 01 12:33:58 2010 +0100
@@ -106,6 +106,8 @@
 TBool
 CIPSecPolicyManagerHandler::CalculateCombinedPolicyBypassDropMode()
     {
+    LOG(Log::Printf(_L("CalculateCombinedPolicyBypassDropMode\n")));
+
     // Combined mode is 'bypass_everything_else' by default
     TInt combinedMode(KInboundBypass | KOutboundBypass);
 
@@ -147,6 +149,7 @@
     // the combined policy into IPsec protocol component
     TBool changed = (iBypassOrDropMode != combinedMode);
     iBypassOrDropMode = combinedMode;
+    LOG(Log::Printf(_L("combined policy mode %d\n"), iBypassOrDropMode));	
     return(changed);
     }
 
@@ -327,6 +330,13 @@
                 {
                 continue;
                 }
+            //UMA support REQ 417-40027  
+            //loading bypass policy with activated drop_mode policy. Above mentioned is only one way traffic.
+            if ((iIPSecGANSupported) && (iFunction & KAddDhcpBypassSelectors) 
+                && (remotePort == 68 || localPort == 67))
+                {
+                continue;
+                }	
 
             // Iterate to next selector if IKE bypass is requested and selector 
             // contains ports utilized with IKE
@@ -557,7 +567,20 @@
                                     aPolicySelector->iRemoteMask.Address(),
                                     ps->iRemote.Address(),
                                     ps->iRemoteMask.Address());
-
+        //UMA support
+       TBool flag_exception = EFalse;
+       if( iIPSecGANSupported )
+           {
+           flag_exception = CheckException();
+           LOG(Log::Printf(_L("::CompareSelectorsL, exception policy is = %d\n"), flag_exception));
+           //Not performing overlapping because UMA loads with any to any selector. Now if any to any will result in 
+           //overlapping as 0.0.0.0 0.0.0.0 will encrypt every packet, which dont leads exceptions and overlapping as concern
+           if(flag_exception ||iCurrentException )
+               {
+               continue;
+               }
+           }
+									
         if (overlappingOccurs)
             {
             err = ESelectorConflict;
MCL/sf/os/networkingsrv