pgpnetconfig.c

PGP8.0源码 请认真阅读您的文件包然后写出其具体功能

					kPGPNetPrefRequireValidKeyUnconfigured,
					&pPNConfig->bRequireValidKeyUnconfigured); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefReplayDetection,
					&pPNConfig->bReplayDetection); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefEnablePassphraseCache,
					&pPNConfig->bCachePassphrases); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefExpertMode,
					&pPNConfig->bExpertMode); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefFirstExecution,
					&pPNConfig->bFirstExecution); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefWarnReSharedSecret,
					&pPNConfig->bWarnReSharedSecret); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefEnableIKEKByteExpiration,
					&pPNConfig->bIkeKByteExpiration); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefEnableIKETimeExpiration,
					&pPNConfig->bIkeTimeExpiration); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefEnableIPSECKByteExpiration,
					&pPNConfig->bIpsecKByteExpiration); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefEnableIPSECTimeExpiration,
					&pPNConfig->bIpsecTimeExpiration); CKERR;

#if PGP_FREEWARE
	pPNConfig->bIntrusionDetection = FALSE;
#else
	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefUseIntrusionDetection,
					&pPNConfig->bIntrusionDetection); CKERR;
#endif

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefAutoBlockAttacks,
					&pPNConfig->bAutoBlockAttacks); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefBlockUntilRemoved,
					&pPNConfig->bBlockUntilRemoved); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefAttackSound,
					&pPNConfig->bPlayAttackSound); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefAttackNotify,
					&pPNConfig->bTrayNotify); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefAttackEmailNotify,
					&pPNConfig->bEmailNotify); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefAttackDialog,
					&pPNConfig->bAttackDialog); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefUseLearnMode,
					&(pPNConfig->bFireLearnModeOn)); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefLogAllowed,
					&(pPNConfig->bLogAllowedTraffic)); CKERR;

	err = PGPGetPrefBoolean (prefref,
					kPGPNetPrefLogBlocked,
					&(pPNConfig->bLogBlockedTraffic)); CKERR;

	// get numbers
	err = PGPGetPrefNumber (prefref,
					kPGPnetPrefUnconfiguredMode,
					&pPNConfig->uUnconfiguredMode); CKERR;

	err = PGPGetPrefNumber (prefref,
					kPGPNetPrefIKEKByteExpiration,
					&pPNConfig->uIkeKByteExpiration); CKERR;

	err = PGPGetPrefNumber (prefref,
					kPGPNetPrefIKETimeExpiration,
					&pPNConfig->uIkeTimeExpiration); CKERR;

	err = PGPGetPrefNumber (prefref,
					kPGPNetPrefIPSECKByteExpiration,
					&pPNConfig->uIpsecKByteExpiration); CKERR;

	err = PGPGetPrefNumber (prefref,
					kPGPNetPrefIPSECTimeExpiration,
					&pPNConfig->uIpsecTimeExpiration); CKERR;

	err = PGPGetPrefNumber (prefref,
					kPGPnetPrefBlockMinutes,
					&pPNConfig->uBlockMinutes); CKERR;

	err = PGPGetPrefNumber (prefref,
					kPGPnetPrefFirewallRuleSet,
					&pPNConfig->uRuleSet); CKERR;

	err = PGPGetPrefNumber (prefref,
					kPGPNetPrefTrustSubnetOption,
					&pPNConfig->uSubnetTrustOption); CKERR;

	// Get strings
	err = PGPGetPrefStringAlloc (prefref,
					kPGPNetPrefAttackNotifyEmail,
					&pPNConfig->szEmailAddress); CKERR;

	err = PGPGetPrefStringAlloc (prefref,
					kPGPNetPrefAttackNotifySMTPServer,
					&pPNConfig->szMailServer); CKERR;

	// get keyrings
	err = PGPGetPrefStringBuffer (prefref,
					kPGPNetPrefPublicKeyringFile,
					sizeof(pPNConfig->szPublicKeyringFile),
					pPNConfig->szPublicKeyringFile);

	err = PGPGetPrefStringBuffer (prefref,
					kPGPNetPrefPrivateKeyringFile,
					sizeof(pPNConfig->szPrivateKeyringFile),
					pPNConfig->szPrivateKeyringFile);

	// get PGP Authentication keyid
	err = PGPGetPrefData (prefref,
					kPGPNetPrefPGPAuthKeyID,
					&size,
					&pbyte);
	if (IsntPGPError (err))
	{
		pgpCopyMemory (pbyte, &pPNConfig->keyidPGPAuth, size);
		PGPFreeData(pbyte);
		pPNConfig->bUsePGPAuthKey = TRUE;
	}
	else
		pPNConfig->bUsePGPAuthKey = FALSE;

	// get X509 Authentication keyid
	err = PGPGetPrefData (prefref,
					kPGPNetPrefX509AuthKeyID,
					&size,
					&pbyte);
	if (IsntPGPError (err))
	{
		pgpCopyMemory (pbyte, &pPNConfig->keyidX509Auth, size);
		PGPFreeData(pbyte);

		err = PGPGetPrefData (prefref,
					kPGPNetPrefX509AuthCertIASN,
					&pPNConfig->uX509AuthCertIASNLength,
					&pPNConfig->pX509AuthCertIASN); CKERR;

		pPNConfig->bUseX509AuthKey = TRUE;
	}
	else
		pPNConfig->bUseX509AuthKey = FALSE;

	// fill host entry structure
	err = PGPGetNetHostPrefs (prefref,
					&pPNConfig->pHostList,
					&pPNConfig->uHostCount); CKERR;

	err = PGPGetPrefFlags (prefref,
					kPGPNetPrefHostArray, &u); CKERR;
	pPNConfig->bPGPnetHostListLocked = (u & kPGPPrefFlags_DisableGUI);

	// fill blocked host entry structure
	err = PGPGetNetBlockedPrefs (prefref,
					&pPNConfig->pBlockedList,
					&pPNConfig->uBlockedCount); CKERR;

	err = PGPGetPrefFlags (prefref,
					kPGPNetPrefBlockedHostArray, &u); CKERR;
	pPNConfig->bPGPnetBlockedListLocked = (u & kPGPPrefFlags_DisableGUI);

	// fill trusted host entry structure
	err = PGPGetNetTrustedPrefs (prefref,
					&pPNConfig->pTrustedList,
					&pPNConfig->uTrustedCount); CKERR;

	err = PGPGetPrefFlags (prefref,
					kPGPNetPrefTrustedHostArray, &u); CKERR;
	pPNConfig->bPGPnetTrustedListLocked = (u & kPGPPrefFlags_DisableGUI);

	// fill firewall rule structure
	if (pPNConfig->uRuleSet == kPGPNetFirewallRuleSet_Custom)
	{
		err = PGPGetNetFirewallRuleSet (prefref,
				&pPNConfig->pRuleList,
				&pPNConfig->uRuleCount); CKERR;
	}
	else
	{
		err = PGPGetNetDefaultFirewallRuleSet (prefref, 
				pPNConfig->uRuleSet, 
				&pPNConfig->pRuleList,
				&pPNConfig->uRuleCount); CKERR;
	}

	// fill in IKE prefs structures
	err = PGPnetGetIkeAlgorithmPrefs (context, prefref, pPNConfig); CKERR;
	err = PGPnetGetIkeProposalPrefs (context, prefref, pPNConfig); CKERR;
	err = PGPnetGetIpsecProposalPrefs (context, prefref, pPNConfig); CKERR;
	err = sComputeIkeExpirationPrefs (context, pPNConfig); CKERR;

done:
	return err;
}


PGPError
PGPnetLoadKnownConfig (
		PGPContextRef	context,
		PGPPrefRef		prefref,
		PPNKNOWNCONFIG	pPNKnownConfig)
{
	PGPError					err;

	if (!PGPPrefRefIsValid (prefref))
		return kPGPError_BadParams;

	/* get auto rule list */
	err = PGPGetNetKnownRuleSet(prefref,
								kPGPNetPrefAutoRuleArray,
								&pPNKnownConfig->pAutoRuleList,
								&pPNKnownConfig->uAutoRuleCount); CKERR;
	if (pPNKnownConfig->uAutoRuleCount == 0)
	{
		PGPGetNetDefaultKnownRuleSet(prefref,
									 kPGPNetFirewallRuleSet_Auto,
									 &pPNKnownConfig->pAutoRuleList,
									 &pPNKnownConfig->uAutoRuleCount); CKERR;									
	}

	/* get known rule list */
	err = PGPGetNetKnownRuleSet	(prefref,
								 kPGPNetPrefKnownRuleArray,
								&pPNKnownConfig->pKnownRuleList,
								&pPNKnownConfig->uKnownRuleCount); CKERR;
	if (pPNKnownConfig->uKnownRuleCount == 0)
	{
		PGPGetNetDefaultKnownRuleSet(prefref,
									 kPGPNetFirewallRuleSet_Known,
									&pPNKnownConfig->pKnownRuleList,
									&pPNKnownConfig->uKnownRuleCount); CKERR;									
	}
	
	/* get smart rule list */
	err = PGPGetNetKnownRuleSet	(prefref,
								 kPGPNetPrefSmartRuleArray,
								&pPNKnownConfig->pSmartRuleList,
								&pPNKnownConfig->uSmartRuleCount); CKERR;
	if (pPNKnownConfig->uSmartRuleCount == 0)
	{
		PGPGetNetDefaultKnownRuleSet(prefref,
									 kPGPNetFirewallRuleSet_Smart,
									&pPNKnownConfig->pSmartRuleList,
									&pPNKnownConfig->uSmartRuleCount); CKERR;									
	}

done:
	return err;
}

//	____________________________________
//
//	free all the points in the config structure

PGPError
PGPnetFreeConfiguration (
		PPNCONFIG		pPNConfig)
{
	// if host list exists, dispose of it
	if (pPNConfig->pHostList)
	{
		PGPFreeData (pPNConfig->pHostList);
		pPNConfig->pHostList = NULL;
	}

	// if blocked list exists, dispose of it
	if (pPNConfig->pBlockedList)
	{
		PGPFreeData (pPNConfig->pBlockedList);
		pPNConfig->pBlockedList = NULL;
	}

	// if trusted list exists, dispose of it
	if (pPNConfig->pTrustedList)
	{
		PGPFreeData (pPNConfig->pTrustedList);
		pPNConfig->pTrustedList = NULL;
	}

	// if rule list exists, dispose of it
	if (pPNConfig->pRuleList)
	{
		PGPFreeData (pPNConfig->pRuleList);
		pPNConfig->pRuleList = NULL;
	}

	// if X509 AuthCert IASN exists, dispose of it
	if (pPNConfig->pX509AuthCertIASN)
	{
		PGPFreeData (pPNConfig->pX509AuthCertIASN);
		pPNConfig->pX509AuthCertIASN = NULL;
	}

	// dispose of IKE prefs proposal arrays
	if (pPNConfig->IkeIkeProposalPrefs.u.ikeProposals.t)
	{
		PGPFreeData (pPNConfig->IkeIkeProposalPrefs.u.ikeProposals.t);
		pPNConfig->IkeIkeProposalPrefs.u.ikeProposals.t = NULL;
	}

	if (pPNConfig->IkeIpsecProposalPrefs.u.ipsecProposals.t)
	{
		PGPFreeData (pPNConfig->IkeIpsecProposalPrefs.u.ipsecProposals.t);
		pPNConfig->IkeIpsecProposalPrefs.u.ipsecProposals.t = NULL;
	}

	if (pPNConfig->szEmailAddress)
	{
		PGPFreeData (pPNConfig->szEmailAddress);
		pPNConfig->szEmailAddress = NULL;
	}

	if (pPNConfig->szMailServer)
	{
		PGPFreeData (pPNConfig->szMailServer);
		pPNConfig->szMailServer = NULL;
	}

	return kPGPError_NoErr;
}

PGPError
PGPnetFreeKnownConfig(
		PPNKNOWNCONFIG	pPNKnownConfig)
{
	// if rule list exists, dispose of it
	if (pPNKnownConfig->pAutoRuleList)
	{
		PGPFreeData (pPNKnownConfig->pAutoRuleList);
		pPNKnownConfig->pAutoRuleList = NULL;
		pPNKnownConfig->uAutoRuleCount = 0;
	}

	if (pPNKnownConfig->pKnownRuleList)
	{
		PGPFreeData (pPNKnownConfig->pKnownRuleList);
		pPNKnownConfig->pKnownRuleList = NULL;
		pPNKnownConfig->uKnownRuleCount = 0;
	}

	if (pPNKnownConfig->pSmartRuleList)
	{
		PGPFreeData (pPNKnownConfig->pSmartRuleList);
		pPNKnownConfig->pSmartRuleList = NULL;
		pPNKnownConfig->uSmartRuleCount = 0;
	}

	return kPGPError_NoErr;
}

//	____________________________________
//
//	reload configuration information from prefs file

PGPError
PGPnetReloadConfiguration (
		PGPContextRef	context,
		PGPPrefRef		prefref,
		PPNCONFIG		pPNConfig)
{
	PGPError	err;

	err = PGPnetFreeConfiguration (pPNConfig);
	if (IsntPGPError (err))
		err = PGPnetLoadConfiguration (context, prefref, pPNConfig);

	return err;
}

PGPError
PGPnetReloadKnownConfig (
		PGPContextRef	context,
		PGPPrefRef		prefref,
		PPNKNOWNCONFIG	pPNKnownConfig)
{
	PGPError					err;

	if (!PGPPrefRefIsValid (prefref))
		return kPGPError_BadParams;

	err = PGPnetFreeKnownConfig (pPNKnownConfig);
	if (IsntPGPError (err))
		err = PGPnetLoadKnownConfig (context, prefref, pPNKnownConfig);

	return err;
}

//	____________________________________
//
//	save configuration information to prefs file

PGPError
PGPnetSaveConfiguration (
		PGPContextRef	context,
		PGPPrefRef		prefref,
		PPNCONFIG		pPNConfig)
{
	PGPError					err;

	if (!PGPPrefRefIsValid (prefref))
		return kPGPError_BadParams;

	// save booleans
	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefEnablePGPnet,
					pPNConfig->bPGPnetEnabled); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefEnableVPN,
					pPNConfig->bPGPnetVPNEnabled); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefEnableFirewall,
					pPNConfig->bPGPnetFirewallEnabled); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefRequireValidKeyConfigured,
					pPNConfig->bRequireValidKeyConfigured); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefRequireValidKeyUnconfigured,
					pPNConfig->bRequireValidKeyUnconfigured); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefReplayDetection,
					pPNConfig->bReplayDetection); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefEnablePassphraseCache,
					pPNConfig->bCachePassphrases); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefExpertMode,
					pPNConfig->bExpertMode); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefFirstExecution,
					pPNConfig->bFirstExecution); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefWarnReSharedSecret,
					pPNConfig->bWarnReSharedSecret); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefEnableIKEKByteExpiration,
					pPNConfig->bIkeKByteExpiration); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefEnableIKETimeExpiration,
					pPNConfig->bIkeTimeExpiration); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefEnableIPSECKByteExpiration,
					pPNConfig->bIpsecKByteExpiration); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefEnableIPSECTimeExpiration,
					pPNConfig->bIpsecTimeExpiration); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefUseIntrusionDetection,
					pPNConfig->bIntrusionDetection); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefAutoBlockAttacks,
					pPNConfig->bAutoBlockAttacks); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefBlockUntilRemoved,
					pPNConfig->bBlockUntilRemoved); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefAttackSound,
					pPNConfig->bPlayAttackSound); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefAttackNotify,
					pPNConfig->bTrayNotify); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefAttackEmailNotify,
					pPNConfig->bEmailNotify); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefUseLearnMode,
					pPNConfig->bFireLearnModeOn); CKERR;

	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefLogAllowed,
					pPNConfig->bLogAllowedTraffic); CKERR;
	
	err = PGPSetPrefBoolean (prefref,
					kPGPNetPrefLogBlocked,
					pPNConfig->bLogBlockedTraffic); CKERR;