[7589] | 1 | <?php |
---|
| 2 | /*********************************************** |
---|
| 3 | * File : provisioning.php |
---|
| 4 | * Project : Z-Push |
---|
| 5 | * Descr : Provides the PROVISIONING command |
---|
| 6 | * |
---|
| 7 | * Created : 16.02.2012 |
---|
| 8 | * |
---|
| 9 | * Copyright 2007 - 2012 Zarafa Deutschland GmbH |
---|
| 10 | * |
---|
| 11 | * This program is free software: you can redistribute it and/or modify |
---|
| 12 | * it under the terms of the GNU Affero General Public License, version 3, |
---|
| 13 | * as published by the Free Software Foundation with the following additional |
---|
| 14 | * term according to sec. 7: |
---|
| 15 | * |
---|
| 16 | * According to sec. 7 of the GNU Affero General Public License, version 3, |
---|
| 17 | * the terms of the AGPL are supplemented with the following terms: |
---|
| 18 | * |
---|
| 19 | * "Zarafa" is a registered trademark of Zarafa B.V. |
---|
| 20 | * "Z-Push" is a registered trademark of Zarafa Deutschland GmbH |
---|
| 21 | * The licensing of the Program under the AGPL does not imply a trademark license. |
---|
| 22 | * Therefore any rights, title and interest in our trademarks remain entirely with us. |
---|
| 23 | * |
---|
| 24 | * However, if you propagate an unmodified version of the Program you are |
---|
| 25 | * allowed to use the term "Z-Push" to indicate that you distribute the Program. |
---|
| 26 | * Furthermore you may use our trademarks where it is necessary to indicate |
---|
| 27 | * the intended purpose of a product or service provided you use it in accordance |
---|
| 28 | * with honest practices in industrial or commercial matters. |
---|
| 29 | * If you want to propagate modified versions of the Program under the name "Z-Push", |
---|
| 30 | * you may only do so if you have a written permission by Zarafa Deutschland GmbH |
---|
| 31 | * (to acquire a permission please contact Zarafa at trademark@zarafa.com). |
---|
| 32 | * |
---|
| 33 | * This program is distributed in the hope that it will be useful, |
---|
| 34 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
| 35 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
| 36 | * GNU Affero General Public License for more details. |
---|
| 37 | * |
---|
| 38 | * You should have received a copy of the GNU Affero General Public License |
---|
| 39 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
---|
| 40 | * |
---|
| 41 | * Consult LICENSE file for details |
---|
| 42 | ************************************************/ |
---|
| 43 | |
---|
| 44 | class Provisioning extends RequestProcessor { |
---|
| 45 | |
---|
| 46 | /** |
---|
| 47 | * Handles the Provisioning command |
---|
| 48 | * |
---|
| 49 | * @param int $commandCode |
---|
| 50 | * |
---|
| 51 | * @access public |
---|
| 52 | * @return boolean |
---|
| 53 | */ |
---|
| 54 | public function Handle($commandCode) { |
---|
| 55 | $status = SYNC_PROVISION_STATUS_SUCCESS; |
---|
| 56 | $policystatus = SYNC_PROVISION_POLICYSTATUS_SUCCESS; |
---|
| 57 | |
---|
| 58 | $rwstatus = self::$deviceManager->GetProvisioningWipeStatus(); |
---|
| 59 | $rwstatusWiped = false; |
---|
| 60 | |
---|
| 61 | // if this is a regular provisioning require that an authenticated remote user |
---|
| 62 | if ($rwstatus < SYNC_PROVISION_RWSTATUS_PENDING) { |
---|
| 63 | ZLog::Write(LOGLEVEL_DEBUG, "RequestProcessor::HandleProvision(): Forcing delayed Authentication"); |
---|
| 64 | self::Authenticate(); |
---|
| 65 | } |
---|
| 66 | |
---|
| 67 | $phase2 = true; |
---|
| 68 | |
---|
| 69 | if(!self::$decoder->getElementStartTag(SYNC_PROVISION_PROVISION)) |
---|
| 70 | return false; |
---|
| 71 | |
---|
| 72 | //handle android remote wipe. |
---|
| 73 | if (self::$decoder->getElementStartTag(SYNC_PROVISION_REMOTEWIPE)) { |
---|
| 74 | if(!self::$decoder->getElementStartTag(SYNC_PROVISION_STATUS)) |
---|
| 75 | return false; |
---|
| 76 | |
---|
| 77 | $instatus = self::$decoder->getElementContent(); |
---|
| 78 | |
---|
| 79 | if(!self::$decoder->getElementEndTag()) |
---|
| 80 | return false; |
---|
| 81 | |
---|
| 82 | if(!self::$decoder->getElementEndTag()) |
---|
| 83 | return false; |
---|
| 84 | |
---|
| 85 | $phase2 = false; |
---|
| 86 | $rwstatusWiped = true; |
---|
| 87 | } |
---|
| 88 | else { |
---|
| 89 | |
---|
| 90 | if(!self::$decoder->getElementStartTag(SYNC_PROVISION_POLICIES)) |
---|
| 91 | return false; |
---|
| 92 | |
---|
| 93 | if(!self::$decoder->getElementStartTag(SYNC_PROVISION_POLICY)) |
---|
| 94 | return false; |
---|
| 95 | |
---|
| 96 | if(!self::$decoder->getElementStartTag(SYNC_PROVISION_POLICYTYPE)) |
---|
| 97 | return false; |
---|
| 98 | |
---|
| 99 | $policytype = self::$decoder->getElementContent(); |
---|
| 100 | if ($policytype != 'MS-WAP-Provisioning-XML' && $policytype != 'MS-EAS-Provisioning-WBXML') { |
---|
| 101 | $status = SYNC_PROVISION_STATUS_SERVERERROR; |
---|
| 102 | } |
---|
| 103 | if(!self::$decoder->getElementEndTag()) //policytype |
---|
| 104 | return false; |
---|
| 105 | |
---|
| 106 | if (self::$decoder->getElementStartTag(SYNC_PROVISION_POLICYKEY)) { |
---|
| 107 | $devpolicykey = self::$decoder->getElementContent(); |
---|
| 108 | |
---|
| 109 | if(!self::$decoder->getElementEndTag()) |
---|
| 110 | return false; |
---|
| 111 | |
---|
| 112 | if(!self::$decoder->getElementStartTag(SYNC_PROVISION_STATUS)) |
---|
| 113 | return false; |
---|
| 114 | |
---|
| 115 | $instatus = self::$decoder->getElementContent(); |
---|
| 116 | |
---|
| 117 | if(!self::$decoder->getElementEndTag()) |
---|
| 118 | return false; |
---|
| 119 | |
---|
| 120 | $phase2 = false; |
---|
| 121 | } |
---|
| 122 | |
---|
| 123 | if(!self::$decoder->getElementEndTag()) //policy |
---|
| 124 | return false; |
---|
| 125 | |
---|
| 126 | if(!self::$decoder->getElementEndTag()) //policies |
---|
| 127 | return false; |
---|
| 128 | |
---|
| 129 | if (self::$decoder->getElementStartTag(SYNC_PROVISION_REMOTEWIPE)) { |
---|
| 130 | if(!self::$decoder->getElementStartTag(SYNC_PROVISION_STATUS)) |
---|
| 131 | return false; |
---|
| 132 | |
---|
| 133 | $status = self::$decoder->getElementContent(); |
---|
| 134 | |
---|
| 135 | if(!self::$decoder->getElementEndTag()) |
---|
| 136 | return false; |
---|
| 137 | |
---|
| 138 | if(!self::$decoder->getElementEndTag()) |
---|
| 139 | return false; |
---|
| 140 | |
---|
| 141 | $rwstatusWiped = true; |
---|
| 142 | } |
---|
| 143 | } |
---|
| 144 | if(!self::$decoder->getElementEndTag()) //provision |
---|
| 145 | return false; |
---|
| 146 | |
---|
| 147 | if (PROVISIONING !== true) { |
---|
| 148 | ZLog::Write(LOGLEVEL_INFO, "No policies deployed to device"); |
---|
| 149 | $policystatus = SYNC_PROVISION_POLICYSTATUS_NOPOLICY; |
---|
| 150 | } |
---|
| 151 | |
---|
| 152 | self::$encoder->StartWBXML(); |
---|
| 153 | |
---|
| 154 | //set the new final policy key in the device manager |
---|
| 155 | // START ADDED dw2412 Android provisioning fix |
---|
| 156 | if (!$phase2) { |
---|
| 157 | $policykey = self::$deviceManager->GenerateProvisioningPolicyKey(); |
---|
| 158 | self::$deviceManager->SetProvisioningPolicyKey($policykey); |
---|
| 159 | self::$topCollector->AnnounceInformation("Policies deployed", true); |
---|
| 160 | } |
---|
| 161 | else { |
---|
| 162 | // just create a temporary key (i.e. iPhone OS4 Beta does not like policykey 0 in response) |
---|
| 163 | $policykey = self::$deviceManager->GenerateProvisioningPolicyKey(); |
---|
| 164 | } |
---|
| 165 | // END ADDED dw2412 Android provisioning fix |
---|
| 166 | |
---|
| 167 | self::$encoder->startTag(SYNC_PROVISION_PROVISION); |
---|
| 168 | { |
---|
| 169 | self::$encoder->startTag(SYNC_PROVISION_STATUS); |
---|
| 170 | self::$encoder->content($status); |
---|
| 171 | self::$encoder->endTag(); |
---|
| 172 | |
---|
| 173 | self::$encoder->startTag(SYNC_PROVISION_POLICIES); |
---|
| 174 | self::$encoder->startTag(SYNC_PROVISION_POLICY); |
---|
| 175 | |
---|
| 176 | if(isset($policytype)) { |
---|
| 177 | self::$encoder->startTag(SYNC_PROVISION_POLICYTYPE); |
---|
| 178 | self::$encoder->content($policytype); |
---|
| 179 | self::$encoder->endTag(); |
---|
| 180 | } |
---|
| 181 | |
---|
| 182 | self::$encoder->startTag(SYNC_PROVISION_STATUS); |
---|
| 183 | self::$encoder->content($policystatus); |
---|
| 184 | self::$encoder->endTag(); |
---|
| 185 | |
---|
| 186 | self::$encoder->startTag(SYNC_PROVISION_POLICYKEY); |
---|
| 187 | self::$encoder->content($policykey); |
---|
| 188 | self::$encoder->endTag(); |
---|
| 189 | |
---|
| 190 | if ($phase2 && $policystatus === SYNC_PROVISION_POLICYSTATUS_SUCCESS) { |
---|
| 191 | self::$encoder->startTag(SYNC_PROVISION_DATA); |
---|
| 192 | if ($policytype == 'MS-WAP-Provisioning-XML') { |
---|
| 193 | self::$encoder->content('<wap-provisioningdoc><characteristic type="SecurityPolicy"><parm name="4131" value="1"/><parm name="4133" value="1"/></characteristic></wap-provisioningdoc>'); |
---|
| 194 | } |
---|
| 195 | elseif ($policytype == 'MS-EAS-Provisioning-WBXML') { |
---|
| 196 | self::$encoder->startTag(SYNC_PROVISION_EASPROVISIONDOC); |
---|
| 197 | |
---|
| 198 | $prov = self::$deviceManager->GetProvisioningObject(); |
---|
| 199 | if (!$prov->Check()) |
---|
| 200 | throw new FatalException("Invalid policies!"); |
---|
| 201 | |
---|
| 202 | $prov->Encode(self::$encoder); |
---|
| 203 | self::$encoder->endTag(); |
---|
| 204 | } |
---|
| 205 | else { |
---|
| 206 | ZLog::Write(LOGLEVEL_WARN, "Wrong policy type"); |
---|
| 207 | self::$topCollector->AnnounceInformation("Policytype not supported", true); |
---|
| 208 | return false; |
---|
| 209 | } |
---|
| 210 | self::$topCollector->AnnounceInformation("Updated provisiong", true); |
---|
| 211 | |
---|
| 212 | self::$encoder->endTag();//data |
---|
| 213 | } |
---|
| 214 | self::$encoder->endTag();//policy |
---|
| 215 | self::$encoder->endTag(); //policies |
---|
| 216 | } |
---|
| 217 | |
---|
| 218 | //wipe data if a higher RWSTATUS is requested |
---|
| 219 | if ($rwstatus > SYNC_PROVISION_RWSTATUS_OK && $policystatus === SYNC_PROVISION_POLICYSTATUS_SUCCESS) { |
---|
| 220 | self::$encoder->startTag(SYNC_PROVISION_REMOTEWIPE, false, true); |
---|
| 221 | self::$deviceManager->SetProvisioningWipeStatus(($rwstatusWiped)?SYNC_PROVISION_RWSTATUS_WIPED:SYNC_PROVISION_RWSTATUS_REQUESTED); |
---|
| 222 | self::$topCollector->AnnounceInformation(sprintf("Remote wipe %s", ($rwstatusWiped)?"executed":"requested"), true); |
---|
| 223 | } |
---|
| 224 | |
---|
| 225 | self::$encoder->endTag();//provision |
---|
| 226 | |
---|
| 227 | return true; |
---|
| 228 | } |
---|
| 229 | } |
---|
| 230 | ?> |
---|