private static bool BuildEAS25And120Provisions(StringBuilder xml, int deviceVersion, IPolicyData mailboxPolicy)
{
bool flag = true;
bool allowNonProvisionableDevices = mailboxPolicy.AllowNonProvisionableDevices;
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordEnabled", mailboxPolicy.DevicePasswordEnabled, allowNonProvisionableDevices, deviceVersion, 20, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AlphanumericDevicePasswordRequired", mailboxPolicy.AlphanumericDevicePasswordRequired, allowNonProvisionableDevices, deviceVersion, 20, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "PasswordRecoveryEnabled", mailboxPolicy.PasswordRecoveryEnabled, allowNonProvisionableDevices, deviceVersion, 20, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireStorageCardEncryption", mailboxPolicy.RequireStorageCardEncryption, allowNonProvisionableDevices, deviceVersion, 20, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AttachmentsEnabled", mailboxPolicy.AttachmentsEnabled, allowNonProvisionableDevices, deviceVersion, 20, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MinDevicePasswordLength", mailboxPolicy.MinDevicePasswordLength, allowNonProvisionableDevices, deviceVersion, 20, 0);
object value = null;
if (!mailboxPolicy.MaxInactivityTimeDeviceLock.IsUnlimited)
{
value = (int)mailboxPolicy.MaxInactivityTimeDeviceLock.Value.TotalSeconds;
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxInactivityTimeDeviceLock", value, allowNonProvisionableDevices, deviceVersion, 20, null);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxDevicePasswordFailedAttempts", mailboxPolicy.MaxDevicePasswordFailedAttempts, allowNonProvisionableDevices, deviceVersion, 20, null);
value = null;
if (!mailboxPolicy.MaxAttachmentSize.IsUnlimited)
{
value = mailboxPolicy.MaxAttachmentSize.Value.ToBytes();
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxAttachmentSize", value, allowNonProvisionableDevices, deviceVersion, 20, null);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSimpleDevicePassword", mailboxPolicy.AllowSimpleDevicePassword, allowNonProvisionableDevices, deviceVersion, 20, true);
value = null;
if (!mailboxPolicy.DevicePasswordExpiration.IsUnlimited)
{
value = (int)mailboxPolicy.DevicePasswordExpiration.Value.TotalDays;
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordExpiration", value, allowNonProvisionableDevices, deviceVersion, 20, null);
return(flag & ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordHistory", mailboxPolicy.DevicePasswordHistory, allowNonProvisionableDevices, deviceVersion, 20, 0));
}
internal override Command.ExecutionState ExecuteCommand()
{
base.XmlResponse = base.GetCommandXmlStub();
XmlNode provisionResponseNode = base.XmlResponse[this.RootNodeName];
switch (ProvisionCommandPhaseBase.DetermineCallPhase(base.XmlRequest))
{
case ProvisionCommandPhaseBase.ProvisionPhase.PhaseOne:
{
ProvisionCommandPhaseOne provisionCommandPhaseOne = new ProvisionCommandPhaseOne(this);
provisionCommandPhaseOne.Process(provisionResponseNode);
break;
}
case ProvisionCommandPhaseBase.ProvisionPhase.PhaseTwo:
{
ProvisionCommandPhaseTwo provisionCommandPhaseTwo = new ProvisionCommandPhaseTwo(this);
provisionCommandPhaseTwo.Process(provisionResponseNode);
break;
}
default:
throw new AirSyncPermanentException(StatusCode.Sync_ProtocolVersionMismatch, false)
{
ErrorStringForProtocolLogger = "Provision_InvalidCallType"
};
}
return(Command.ExecutionState.Complete);
}
// Token: 0x06000DF7 RID: 3575 RVA: 0x0004DFAC File Offset: 0x0004C1AC
public PolicyData(MobileMailboxPolicy policy, bool useIrmEnabledPolicySetting)
{
this.identity = policy.OriginalId;
this.allowNonProvisionableDevices = policy.AllowNonProvisionableDevices;
this.alphanumericDevicePasswordRequired = policy.AlphanumericPasswordRequired;
this.attachmentsEnabled = policy.AttachmentsEnabled;
this.requireStorageCardEncryption = policy.RequireStorageCardEncryption;
this.devicePasswordEnabled = policy.PasswordEnabled;
this.passwordRecoveryEnabled = policy.PasswordRecoveryEnabled;
this.devicePolicyRefreshInterval = policy.DevicePolicyRefreshInterval;
this.allowSimpleDevicePassword = policy.AllowSimplePassword;
this.maxAttachmentSize = policy.MaxAttachmentSize;
this.wssAccessEnabled = policy.WSSAccessEnabled;
this.uncAccessEnabled = policy.UNCAccessEnabled;
this.minDevicePasswordLength = policy.MinPasswordLength;
this.maxInactivityTimeDeviceLock = policy.MaxInactivityTimeLock;
this.maxDevicePasswordFailedAttempts = policy.MaxPasswordFailedAttempts;
this.devicePasswordExpiration = policy.PasswordExpiration;
this.devicePasswordHistory = policy.PasswordHistory;
this.isDefault = policy.IsDefault;
this.allowStorageCard = policy.AllowStorageCard;
this.allowCamera = policy.AllowCamera;
this.requireDeviceEncryption = policy.RequireDeviceEncryption;
this.allowUnsignedApplications = policy.AllowUnsignedApplications;
this.allowUnsignedInstallationPackages = policy.AllowUnsignedInstallationPackages;
this.allowWiFi = policy.AllowWiFi;
this.allowTextMessaging = policy.AllowTextMessaging;
this.allowPOPIMAPEmail = policy.AllowPOPIMAPEmail;
this.allowIrDA = policy.AllowIrDA;
this.requireManualSyncWhenRoaming = policy.RequireManualSyncWhenRoaming;
this.allowDesktopSync = policy.AllowDesktopSync;
this.allowHTMLEmail = policy.AllowHTMLEmail;
this.requireSignedSMIMEMessages = policy.RequireSignedSMIMEMessages;
this.requireEncryptedSMIMEMessages = policy.RequireEncryptedSMIMEMessages;
this.allowSMIMESoftCerts = policy.AllowSMIMESoftCerts;
this.allowBrowser = policy.AllowBrowser;
this.allowConsumerEmail = policy.AllowConsumerEmail;
this.allowRemoteDesktop = policy.AllowRemoteDesktop;
this.allowInternetSharing = policy.AllowInternetSharing;
this.allowBluetooth = policy.AllowBluetooth;
this.maxCalendarAgeFilter = policy.MaxCalendarAgeFilter;
this.maxEmailAgeFilter = policy.MaxEmailAgeFilter;
this.requireSignedSMIMEAlgorithm = policy.RequireSignedSMIMEAlgorithm;
this.requireEncryptionSMIMEAlgorithm = policy.RequireEncryptionSMIMEAlgorithm;
this.allowSMIMEEncryptionAlgorithmNegotiation = policy.AllowSMIMEEncryptionAlgorithmNegotiation;
this.minDevicePasswordComplexCharacters = policy.MinPasswordComplexCharacters;
this.maxEmailBodyTruncationSize = policy.MaxEmailBodyTruncationSize;
this.maxEmailHTMLBodyTruncationSize = policy.MaxEmailHTMLBodyTruncationSize;
this.unapprovedInROMApplicationList = policy.UnapprovedInROMApplicationList;
this.approvedApplicationList = policy.ApprovedApplicationList;
this.allowExternalDeviceManagement = policy.AllowExternalDeviceManagement;
this.MobileOTAUpdateMode = policy.MobileOTAUpdateMode;
this.AllowMobileOTAUpdate = policy.AllowMobileOTAUpdate;
this.isIrmEnabled = (useIrmEnabledPolicySetting && policy.IrmEnabled);
string policyXml = ProvisionCommandPhaseOne.BuildEASProvisionDoc(20, out this.preversion121DeviceCompatibility, this) + policy.AllowNonProvisionableDevices;
this.preversion121HashCode = PolicyData.GetPolicyHashCode(policyXml);
policyXml = ProvisionCommandPhaseOne.BuildEASProvisionDoc(121, out this.version121DeviceCompatibility, this) + policy.AllowNonProvisionableDevices;
this.version121HashCode = PolicyData.GetPolicyHashCode(policyXml);
}
private static string BuildEASProvisionDoc(IPolicyData mailboxPolicy, int deviceVersion, out bool policyIsCompatibleWithDevice)
{
policyIsCompatibleWithDevice = true;
if (mailboxPolicy == null)
{
return(null);
}
return(ProvisionCommandPhaseOne.BuildEASProvisionDoc(deviceVersion, out policyIsCompatibleWithDevice, mailboxPolicy));
}
internal static string BuildEASProvisionDoc(int deviceVersion, out bool policyIsCompatibleWithDevice, IPolicyData mailboxPolicy)
{
policyIsCompatibleWithDevice = true;
StringBuilder stringBuilder = new StringBuilder(300);
stringBuilder.Append("<eas-provisioningdoc xmlns=\"Provision:\">");
policyIsCompatibleWithDevice = ProvisionCommandPhaseOne.BuildEAS25And120Provisions(stringBuilder, deviceVersion, mailboxPolicy);
policyIsCompatibleWithDevice = (policyIsCompatibleWithDevice && ProvisionCommandPhaseOne.BuildEAS121Provisions(stringBuilder, deviceVersion, mailboxPolicy));
stringBuilder.Append("</eas-provisioningdoc>");
return(stringBuilder.ToString());
}
private bool ProcessPolicy(XmlNode response)
{
uint?headerPolicyKey = this.owningCommand.HeaderPolicyKey;
base.GlobalInfo.ProvisionSupported = true;
bool flag;
Command.DetectPolicyChange(this.owningCommand.PolicyData, base.GlobalInfo, this.owningCommand.ProtocolVersion, out flag);
if (!flag)
{
this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "DeviceNotFullyProvisionable");
this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.DeviceNotFullyProvisionable);
base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
return(false);
}
if (this.requestPolicyType != null)
{
if (this.deviceInformationNode == null && this.owningCommand.ProtocolVersion >= 141)
{
throw new AirSyncPermanentException(StatusCode.DeviceInformationRequired, false)
{
ErrorStringForProtocolLogger = "DeviceInfoRequiredInProvision"
};
}
if (string.Equals(this.requestPolicyType, "MS-WAP-Provisioning-XML", StringComparison.OrdinalIgnoreCase))
{
if (this.owningCommand.ProtocolVersion > 25)
{
this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "CannotUseWAP");
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError;
base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
return(true);
}
if (base.GlobalInfo.PolicyKeyNeeded != 0U || (string.Equals(this.requestPolicyType, "MS-WAP-Provisioning-XML", StringComparison.OrdinalIgnoreCase) && headerPolicyKey != null && headerPolicyKey != 0U))
{
this.responsePolicyType = this.requestPolicyType;
IPolicyData policyData = this.owningCommand.PolicyData;
this.responsePolicyData = ProvisionCommandPhaseOne.BuildWAPProvisionDoc(policyData);
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success;
this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck);
}
else
{
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.NoPolicy;
this.responsePolicyType = this.requestPolicyType;
}
}
else if (string.Equals(this.requestPolicyType, "MS-EAS-Provisioning-WBXML", StringComparison.OrdinalIgnoreCase))
{
if (base.GlobalInfo.PolicyKeyNeeded != 0U)
{
this.responsePolicyType = this.requestPolicyType;
IPolicyData policyData2 = this.owningCommand.PolicyData;
this.responsePolicyData = ProvisionCommandPhaseOne.BuildEASProvisionDoc(policyData2, this.owningCommand.ProtocolVersion, out flag);
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success;
this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck);
}
else if (base.GlobalInfo.PolicyKeyOnDevice != 0U || (string.Equals(this.requestPolicyType, "MS-EAS-Provisioning-WBXML", StringComparison.OrdinalIgnoreCase) && headerPolicyKey != null && headerPolicyKey != 0U))
{
this.responsePolicyType = this.requestPolicyType;
this.responsePolicyData = "<eas-provisioningdoc xmlns=\"Provision:\"><DevicePasswordEnabled>0</DevicePasswordEnabled></eas-provisioningdoc>";
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success;
this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck);
}
else
{
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.NoPolicy;
this.responsePolicyType = this.requestPolicyType;
}
}
else
{
if (this.requestPolicyType.Length == 0)
{
base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError;
return(true);
}
base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.responsePolicyType = this.requestPolicyType;
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.UnknownPolicyType;
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.Success;
return(true);
}
}
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.Success;
return(true);
}
private static bool BuildEAS121Provisions(StringBuilder xml, int deviceVersion, IPolicyData mailboxPolicy)
{
bool flag = true;
bool allowNonProvisionableDevices = mailboxPolicy.AllowNonProvisionableDevices;
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowStorageCard", mailboxPolicy.AllowStorageCard, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowCamera", mailboxPolicy.AllowCamera, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireDeviceEncryption", mailboxPolicy.RequireDeviceEncryption, allowNonProvisionableDevices, deviceVersion, 121, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowUnsignedApplications", mailboxPolicy.AllowUnsignedApplications, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowUnsignedInstallationPackages", mailboxPolicy.AllowUnsignedInstallationPackages, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= (ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MinDevicePasswordComplexCharacters", mailboxPolicy.MinDevicePasswordComplexCharacters, allowNonProvisionableDevices, deviceVersion, 121, 1) || !mailboxPolicy.AlphanumericDevicePasswordRequired);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowWiFi", mailboxPolicy.AllowWiFi, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowTextMessaging", mailboxPolicy.AllowTextMessaging, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowPOPIMAPEmail", mailboxPolicy.AllowPOPIMAPEmail, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowBluetooth", (int)mailboxPolicy.AllowBluetooth, allowNonProvisionableDevices, deviceVersion, 121, 2);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowIrDA", mailboxPolicy.AllowIrDA, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireManualSyncWhenRoaming", mailboxPolicy.RequireManualSyncWhenRoaming, allowNonProvisionableDevices, deviceVersion, 121, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowDesktopSync", mailboxPolicy.AllowDesktopSync, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxCalendarAgeFilter", (int)mailboxPolicy.MaxCalendarAgeFilter, allowNonProvisionableDevices, deviceVersion, 121, 0);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowHTMLEmail", mailboxPolicy.AllowHTMLEmail, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailAgeFilter", (int)mailboxPolicy.MaxEmailAgeFilter, allowNonProvisionableDevices, deviceVersion, 121, 0);
if (!mailboxPolicy.MaxEmailBodyTruncationSize.IsUnlimited)
{
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailBodyTruncationSize", mailboxPolicy.MaxEmailBodyTruncationSize.Value, allowNonProvisionableDevices, deviceVersion, 121, null);
}
else
{
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailBodyTruncationSize", -1, allowNonProvisionableDevices, deviceVersion, 121, -1);
}
if (!mailboxPolicy.MaxEmailHTMLBodyTruncationSize.IsUnlimited)
{
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailHTMLBodyTruncationSize", mailboxPolicy.MaxEmailHTMLBodyTruncationSize.Value, allowNonProvisionableDevices, deviceVersion, 121, null);
}
else
{
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailHTMLBodyTruncationSize", -1, allowNonProvisionableDevices, deviceVersion, 121, -1);
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireSignedSMIMEMessages", mailboxPolicy.RequireSignedSMIMEMessages, allowNonProvisionableDevices, deviceVersion, 121, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireEncryptedSMIMEMessages", mailboxPolicy.RequireEncryptedSMIMEMessages, allowNonProvisionableDevices, deviceVersion, 121, false);
ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireSignedSMIMEAlgorithm", (int)mailboxPolicy.RequireSignedSMIMEAlgorithm, allowNonProvisionableDevices, deviceVersion, 121, false);
ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireEncryptionSMIMEAlgorithm", (int)mailboxPolicy.RequireEncryptionSMIMEAlgorithm, allowNonProvisionableDevices, deviceVersion, 121, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSMIMEEncryptionAlgorithmNegotiation", (int)mailboxPolicy.AllowSMIMEEncryptionAlgorithmNegotiation, allowNonProvisionableDevices, deviceVersion, 121, 2);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSMIMESoftCerts", mailboxPolicy.AllowSMIMESoftCerts, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowBrowser", mailboxPolicy.AllowBrowser, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowConsumerEmail", mailboxPolicy.AllowConsumerEmail, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowRemoteDesktop", mailboxPolicy.AllowRemoteDesktop, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowInternetSharing", mailboxPolicy.AllowInternetSharing, allowNonProvisionableDevices, deviceVersion, 121, true);
StringBuilder stringBuilder = new StringBuilder(300);
MultiValuedProperty <string> unapprovedInROMApplicationList = mailboxPolicy.UnapprovedInROMApplicationList;
if (unapprovedInROMApplicationList != null)
{
foreach (string str in unapprovedInROMApplicationList)
{
stringBuilder.AppendFormat("<{0}>{1}</{0}>", "ApplicationName", SecurityElement.Escape(str));
}
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "UnapprovedInROMApplicationList", stringBuilder.ToString(), allowNonProvisionableDevices, deviceVersion, 121, string.Empty);
stringBuilder.Length = 0;
ApprovedApplicationCollection approvedApplicationList = mailboxPolicy.ApprovedApplicationList;
if (approvedApplicationList != null)
{
foreach (ApprovedApplication approvedApplication in approvedApplicationList)
{
stringBuilder.AppendFormat("<{0}>{1}</{0}>", "Hash", Convert.ToBase64String(HexStringConverter.GetBytes(approvedApplication.AppHash, false)));
}
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "ApprovedApplicationList", stringBuilder.ToString(), allowNonProvisionableDevices, deviceVersion, 121, string.Empty);
return(flag);
}