static void DefineSingletonKey(const TUid& aSingletonKey)
/**
* Defines a new property for a singleton key. WServ must only process
* singleton keys that it created to prevent a malicious process with the
* WriteDeviceData capability causing arbitrary functions to be executed.
*
* @param aSingeltonKey The UID of the singleton key to define.
*/
{
RThread t;
TUid category = { t.SecureId().iId };
RProperty prop;
// Write access is restricted to THIS process
TInt err = prop.Define( category, aSingletonKey.iUid,
RProperty::EByteArray, TSecurityPolicy( t.SecureId() ),
TSecurityPolicy( t.SecureId() ), sizeof( TCallBack ) );
if ( err == KErrNone )
{
TCallBack cb( NULL, NULL );
TPckgC<TCallBack> cbPckg( cb );
// Any error should cause the properties to be ignored
err = prop.Set( category, aSingletonKey.iUid, cbPckg );
}
if ( err != KErrNone )
{
// A problem occured / the property already existed so for safety
// the release code should be skipped.
gReleaseSingletonsOnExit = EFalse;
}
prop.Close();
t.Close();
}
/**
Private helper function that defines the IrDA discovery responses
suppression P&S key and sets the specified suppression status.
@param aSuppressDiscoveryResponses A boolean indicating if responses should be
suppressed or allowed.
@return KErrNone, if successful.
KErrPermissionDenied, if the method is called without the
required capabilities.
@internalComponent
@released
*/
TInt RIrdaDiscoveryResponseSuppressor::DefineAndSetKey(TBool aSuppressDiscoveryResponses)
{
// Define the discovery response suppression property.
TSecurityPolicy policy = TSecurityPolicy(ECapabilityWriteDeviceData);
TInt rerr = RProperty::Define(KIrdaPropertyCategory,
KIrdaDiscoveryResponseSuppressor,
RProperty::EInt,
policy,
policy);
if(rerr == KErrAlreadyExists || rerr == KErrNone)
{
TDiscoveryResponseSuppressorStatus status = aSuppressDiscoveryResponses ?
ESuppressDiscoveryResponses :
EAllowDiscoveryResponses;
rerr = RProperty::Set(KIrdaPropertyCategory,
KIrdaDiscoveryResponseSuppressor,
status);
}
// Forward the error if it is not KErrAlreadyExists.
return rerr;
}
// ---------------------------------------------------------------------------
// CMmCustomStubExt::GetRequiredPlatSecCaps
// Return required platform security caps, EAlwaysPass
// (other items were commented in a header)
// ---------------------------------------------------------------------------
//
TSecurityPolicy CMmCustomStubExt::GetRequiredPlatSecCaps(
const TInt /*aIpc*/ )
{
return TSecurityPolicy( TSecurityPolicy::EAlwaysPass );
}
// ---------------------------------------------------------
// CMMKeyBearer::SecurityPolicy()
//
// ---------------------------------------------------------
//
TSecurityPolicy CMMKeyBearer::SecurityPolicy() const
{
FUNC_LOG;
return TSecurityPolicy(ECapabilityLocalServices);
}
TVerdict CTestConnectStep::doTestStepL()
/**
* @return - TVerdict code
* Override of base class pure virtual
* Demonstrates reading configuration parameters fom an ini file section
*/
{
if(TestStepResult()==EPass)
{
INFO_PRINTF1(_L("In Test Step ConnectWithOverrides"));
// When bootstrapping C32 we have to avoid the PhBkSyncServer being started, since
// it needs a different CommDB
TInt ret = StartC32WithCMISuppressions(KPhbkSyncCMI);
if((ret!=KErrNone) && (ret!=KErrAlreadyExists))
{
INFO_PRINTF2(_L("error is : %d \n"),ret);
}
else
{
INFO_PRINTF1(_L("Started C32\n"));
}
RHostResolver hr;
INFO_PRINTF1(_L("Connect to RSocketServ"));
User::LeaveIfError(iSocketServ.Connect());
// Set up the connections, both overridden as host resolver won't work
// on the default interface
INFO_PRINTF1(_L("Open the RConnection interface"));
User::LeaveIfError(iConnection.Open(iSocketServ));
// get the IapNumber value from the ini file
if(!GetIntFromConfig(ConfigSection(), KIapNumber, iIapNumber))
{
if(!GetIntFromConfig(KIap, KIapNumber, iIapNumber))
{
iIapNumber=1;
INFO_PRINTF1(_L("Failed to read Iap from ini file, using default"));
}
}
INFO_PRINTF2((_L("IapNumber = %d")), iIapNumber);
TRequestStatus status;
#ifdef SIROCCO_CODE_MIGRATION
TCommDbConnPref prefs;
prefs.SetIapId(iIapNumber);
prefs.SetDialogPreference(ECommDbDialogPrefDoNotPrompt);
const TUid KMyPropertyCat = {0x101FD9C5};
const TUint32 KMyPropertyDestPortv4 = 67;
TInt err = RProperty::Define(KMyPropertyCat, KMyPropertyDestPortv4, RProperty::EInt, TSecurityPolicy(TSecurityPolicy::EAlwaysPass),
TSecurityPolicy(ECapabilityWriteDeviceData));
User::LeaveIfError(RProperty::Set(KMyPropertyCat, KMyPropertyDestPortv4, 93));
#else
TInt rank = 1;
// Create a multiple connection preference object
TCommDbMultiConnPref prefs;
for(TInt i=0;i<iapCount;i++)
{
TCommDbConnPref pref;
// Set the direction
pref.SetDirection(ECommDbConnectionDirectionOutgoing);
// Set the bear ser
pref.SetBearerSet(KCommDbBearerPSD | KCommDbBearerCSD);
// Set the IAP
pref.SetIapId(iIapNumber + i);
// Set the dialog preference to Do Not Prompt
pref.SetDialogPreference(ECommDbDialogPrefDoNotPrompt);
// Set the rank
User::LeaveIfError(prefs.SetPreference(rank, pref));
rank++;
}
prefs.SetConnectionAttempts(rank-1);
#endif
// Start the connection
iConnection.Start(prefs, status);
User::WaitForRequest(status);
TInt result = status.Int();
if(result!=KErrNone)
{
ERR_PRINTF2(_L("Failed to start connection. Error %d"), result);
SetTestStepResult(EFail);
User::Leave(EFail);
}
else
{
INFO_PRINTF1(_L("Connection started with overrides"));
}
// Set up the host resolver
INFO_PRINTF1(_L("Initialise a host resolver service"));
User::LeaveIfError(hr.Open(iSocketServ, KAfInet, KProtocolInetTcp, iConnection));
CleanupClosePushL(hr);
// Test the interfaces conn, host resolution should work ok
TBuf<64> hostname;
TRequestStatus status1;
TNameEntry nameEntry;
TPtrC temphost;
if(GetStringFromConfig(KTCPConfig, KHostName, temphost))
{
INFO_PRINTF2(_L("Hostname is : %S"), &temphost);
}
else
{
ERR_PRINTF1(_L("No hostname"));
SetTestStepResult(EFail);
User::Leave(EFail);
}
hostname = temphost;
hr.GetByName(hostname, nameEntry, status1);
User::WaitForRequest(status1);
TInt result1 = status1.Int();
if(result1!=KErrNone)
{
ERR_PRINTF2(_L("Failed to resolve the name. Error %d"), result1);
SetTestStepResult(EFail);
User::Leave(EFail);
}
else
{
INFO_PRINTF1(_L("Resolved the name successfully"));
}
// open socket
INFO_PRINTF1(_L("Open the socket"));
User::LeaveIfError(iSocket.Open(iSocketServ, KAfInet, KSockStream, KProtocolInetTcp, iConnection));
CleanupClosePushL(iSocket);
// print the host resolver's ip address
TInetAddr inetAddr;
inetAddr = TInetAddr(nameEntry().iAddr);
TBuf<50> addr;
inetAddr.Output(addr);
INFO_PRINTF2(_L("The host resolver's ip address is: %S"), &addr);
// get the port number from the ini file
if(!GetIntFromConfig(KTCPConfig, KPort, iPort))
{
ERR_PRINTF1(_L("Failed to read Port from ini file"));
SetTestStepResult(EFail);
User::Leave(EFail);
}
INFO_PRINTF2((_L("Port = %d")), iPort);
// connect to the socket
inetAddr.SetPort(iPort);
//nameEntry().iAddr.SetPort(iPort);
TRequestStatus status2;
//iSocket.Connect(nameEntry().iAddr,status2);
iSocket.Connect(inetAddr,status2);
User::WaitForRequest(status2);
TInt result2 = status2.Int();
if(result2!=KErrNone)
{
ERR_PRINTF2(_L("Failed to connect to the socket. Error %d"), result2);
SetTestStepResult(EFail);
User::Leave(EFail);
}
else
{
INFO_PRINTF1(_L("Connect to the socket successfully"));
}
TPtrC ptrDNSName;
if(GetStringFromConfig(KTCPConfig, KDNSName, ptrDNSName))
{
INFO_PRINTF2(_L("DNSName is : %S"), &ptrDNSName);
}
else
{
ERR_PRINTF1(_L("No DNSName"));
SetTestStepResult(EFail);
User::Leave(EFail);
}
TBuf8<256> bufDnsName;
bufDnsName.Copy(ptrDNSName);
// connect to the secure socket
CTestSecureSocket* iTestSecureSocket = CTestSecureSocket::NewL(*this, iSocket, bufDnsName);
CleanupStack::PushL(iTestSecureSocket);
iTestSecureSocket->StartHandshake();
CActiveScheduler::Start();
CleanupStack::PopAndDestroy(3); //iTestSecureSocket, iSocket, hr
}
return TestStepResult();
}
bool qExtractSecurityPolicyFromString(const QString &string, TSecurityPolicy &policy)
{
int startPos = string.indexOf(QLatin1Char('='));
QStringList values;
bool ret = false;
if (startPos == -1) {
values = string.split(QLatin1Char(','), QString::SkipEmptyParts);
} else {
values = string.mid(startPos + 1).split(QLatin1Char(','), QString::SkipEmptyParts);
}
if (values.count() > 0) {
const QString findVid(QLatin1String("vid["));
const QString findSid(QLatin1String("sid["));
const int MaxCapCount = 7;
const int VidMaxCount = 3;
const int SidMaxCount = 3;
TCapability capList[MaxCapCount] = { ECapability_None,ECapability_None,ECapability_None,
ECapability_None,ECapability_None,ECapability_None,ECapability_None };
bool isVID = false;
bool isSID = false;
QString idString(QLatin1String(""));
int maxAllowed = MaxCapCount;
if (values[0].contains(findVid, Qt::CaseInsensitive)) {
idString = values[0].remove(findVid, Qt::CaseInsensitive);
idString = idString.remove(QLatin1Char(']'));
values.removeAt(0);
isVID = true;
maxAllowed = VidMaxCount;
} else if (values[0].contains(findSid, Qt::CaseInsensitive)) {
idString = values[0].remove(findSid, Qt::CaseInsensitive);
idString = idString.remove(QLatin1Char(']'));
values.removeAt(0);
isSID = true;
maxAllowed = SidMaxCount;
}
if (values.count() <= maxAllowed) {
bool wasSuccesful = true;
for (int i = 0; i < values.count(); i++) {
capList[i] = qMatchCapStr(values[i]);
if (capList[i] == ECapability_HardLimit) {
wasSuccesful = false;
break;
}
}
if (wasSuccesful) {
if (isVID || isSID){
bool ok = true;
quint32 id = idString.toUInt(&ok, 16);
if (ok) {
if (isVID) {
TVendorId vid(id);
policy = TSecurityPolicy(vid, capList[0], capList[1], capList[2]);
} else {
TSecureId sid(id);
policy = TSecurityPolicy(sid, capList[0], capList[1], capList[2]);
}
ret = true; //Everything is fine
}
} else {
policy = TSecurityPolicy(capList[0], capList[1], capList[2], capList[3],
capList[4], capList[5], capList[6]);
ret = true; //Everything is fine
}
}
}
}
return ret;
}
EXPORT_C TInt RFTokenClient::GenerateToken(const RFile& aOpenFile, const TUid& aConsumerUid,TDes8& aToken) const
{
TSecureId consumerUid(aConsumerUid);
return GenerateToken(aOpenFile, TSecurityPolicy(consumerUid), aToken);
}
EXPORT_C TInt RFTokenClient::GenerateToken(const TDesC8& aExistingToken, const TUid& aConsumerUid,TDes8& aToken) const
{
TSecureId consumerUid(aConsumerUid);
return GenerateToken(aExistingToken, TSecurityPolicy(consumerUid), aToken);
}
TSecurityPolicy CPublishAndSubscribeHandler::symbianPolicy(const XQPublishAndSubscribeSecurityPolicy& policy)
{
//Use constructor for EAlwaysFail or EAlwaysPass
switch (policy.secPolicyType())
{
case XQPublishAndSubscribeSecurityPolicy::SecPolicyAlwaysFail:
{
return TSecurityPolicy(TSecurityPolicy::EAlwaysFail);
}
case XQPublishAndSubscribeSecurityPolicy::SecPolicyAlwaysPass:
{
return TSecurityPolicy(TSecurityPolicy::EAlwaysPass);
}
default:
{
break;
}
}
TCapability capability1 = ECapability_None;
TCapability capability2 = ECapability_None;
TCapability capability3 = ECapability_None;
TCapability capability4 = ECapability_None;
TCapability capability5 = ECapability_None;
TCapability capability6 = ECapability_None;
TCapability capability7 = ECapability_None;
const QList<XQPublishAndSubscribeSecurityPolicy::Capability>& capabilities = policy.capabilities();
if (capabilities.count() > 0) capability1 = symbianCapability(capabilities[0]);
if (capabilities.count() > 1) capability2 = symbianCapability(capabilities[1]);
if (capabilities.count() > 2) capability3 = symbianCapability(capabilities[2]);
if (capabilities.count() > 3) capability4 = symbianCapability(capabilities[3]);
if (capabilities.count() > 4) capability5 = symbianCapability(capabilities[4]);
if (capabilities.count() > 5) capability6 = symbianCapability(capabilities[5]);
if (capabilities.count() > 6) capability7 = symbianCapability(capabilities[6]);
long int secureId = policy.secureId().uid();
if (secureId != -1)
{
//Use constructor for TSecureId + max 3 capabilities
return TSecurityPolicy(TSecureId(secureId), capability1, capability2, capability3);
}
long int vendorId = policy.vendorId().uid();
if (vendorId != -1)
{
//Use constructor for TVendorId + max 3 capabilities
return TSecurityPolicy(TVendorId(vendorId), capability1, capability2, capability3);
}
if (capabilities.count() < 4)
{
//Use constructor for max 3 capabilities
return TSecurityPolicy(capability1, capability2, capability3);
}
else
{
//Use constructor for max 7 capabilities
return TSecurityPolicy(capability1, capability2, capability3, capability4, capability5, capability6, capability7);
}
}
// ---------------------------------------------------------------------------
// ---------------------------------------------------------------------------
//
TInt CAlfTransitionServerController::StartTransitionServer(TInt32 /*aMaxBytesOngoing*/,
TInt32 /*aMaxBytesBetween*/)
{
__ALFFXLOGSTRING("CAlfTransitionServerController::StartTransitionServer >>");
if( ServerRunning() )
{
__ALFFXLOGSTRING("CAlfTransitionServerController::StartTransitionServer - return KErrAlreadyExists <<");
return KErrAlreadyExists;
}
TInt val = 0;
TInt err = KErrNone;
err = RProperty::Get(KPSUidAvkonDomain, KAknTfxServerStatus, val );
if ( err != KErrNone )
{
err = RProperty::Define(KPSUidAvkonDomain, KAknTfxServerStatus, RProperty::EInt, TSecurityPolicy(TSecurityPolicy::EAlwaysPass),TSecurityPolicy(TSecurityPolicy::EAlwaysPass));
// make sure the value is cleared if this is the first time the property is defined
val = 0;
}
if ( err == KErrAlreadyExists )
{
// if our publish/subscribe variable already exists, all is well
err = KErrNone;
}
if( err != KErrNone )
{
__ALFFXLOGSTRING1("CAlfTransitionServerController::StartTransitionServer - return: %d <<", err);
return err;
}
//Set property to "server running"
iTransitionControlValue = val | ETfxSrvRunning;
// if the plugin has already been loaded, don't mess up with the value
RProperty::Set( KPSUidAvkonDomain, KAknTfxServerStatus, val | ETfxSrvRunning );
if ( !iPsObserver )
{
iPsObserver = CAlfPsObserver::New( this, KPSUidAvkonDomain, KAknTfxServerStatus );
if( !iPsObserver )
{
__ALFFXLOGSTRING("CAlfTransitionServerController::StartTransitionServer - return KErrNoMemory<<");
return KErrNoMemory;
}
}
if ( !iIsConnected )
{
err = iTfxServer.Open();
}
if ( err == KErrNone )
{
iIsConnected = ETrue;
// We don't need the server, we only want to know if it is running.
iTfxServer.Close();
}
else
{
err = KErrNone;
// start timer
if ( !iTimer )
{
iTimer = CPeriodic::New( CActive::EPriorityStandard );
if ( iTimer )
{
iTimer->Start( 1000000, 1000000,
TCallBack(CAlfTransitionServerController::ConnectionCallback, this ) );
}
}
}
__ALFFXLOGSTRING1("CAlfTransitionServerController::StartTransitionServer - return: %d <<", err);
return err;
}
