/** * Ensure the client's policy key is current. * * @param string $sentKey The policykey sent to us by the client * @param string $requestType The type of request we are handling. A * Horde_ActiveSync constant. * * @return boolean */ public function checkPolicyKey($sentKey, $requestType = null) { $this->_logger->info(sprintf('[%s] Checking policykey for device: %s user: %s', $this->_procid, $this->_device->id, $this->_driver->getUser())); // Use looseprovisioning? if (empty($sentKey) && !$this->_device->enforceProvisioning() && $this->_provisioning === Horde_ActiveSync::PROVISIONING_LOOSE) { $sentKey = null; $this->_logger->info(sprintf('[%s] Allowing %s to connect since PROVISIONING_LOOSE is true and is either non-provisionable or has broken provisioning.', $this->_procid, $this->_device->id)); } elseif (empty($sentKey) && $this->_device->isNonProvisionable()) { // Check for non-provisionable, but allowable, devices. $this->_logger->info(sprintf('[%s] Allowing %s to connect since it is non-provisionable.', $this->_procid, $this->_device->id)); $sentKey = null; } // Don't attempt if we don't care if ($this->_provisioning !== Horde_ActiveSync::PROVISIONING_NONE) { // Get the stored key $storedKey = $this->_state->getPolicyKey($this->_device->id); $this->_logger->info(sprintf('[%s] Stored key: %s', $this->_procid, $storedKey)); // Did we request a remote wipe? if ($this->_state->getDeviceRWStatus($this->_device->id) == Horde_ActiveSync::RWSTATUS_PENDING) { $this->_requireProvisionWbxml($requestType, Horde_ActiveSync_Status::REMOTEWIPE_REQUESTED); return false; } // Validate the stored key against the device key, honoring // the value of _provisioning. if ((empty($storedKey) || $storedKey != $sentKey) && ($this->_provisioning != Horde_ActiveSync::PROVISIONING_LOOSE || $this->_provisioning == Horde_ActiveSync::PROVISIONING_LOOSE && !is_null($sentKey))) { // We send the headers AND the WBXML if EAS 12.1+ since some // devices report EAS 14.1 but don't accept the WBXML. $this->_activeSync->provisioningRequired(); if ($this->_device->version > Horde_ActiveSync::VERSION_TWELVEONE) { if (empty($sentKey)) { $status = Horde_ActiveSync_Status::DEVICE_NOT_PROVISIONED; } else { $status = Horde_ActiveSync_Status::INVALID_POLICY_KEY; } $this->_requireProvisionWbxml($requestType, Horde_ActiveSync_Status::DEVICE_NOT_PROVISIONED); } return false; } } // Either successfully validated, or we didn't care enough to check. $this->_logger->info(sprintf('[%s] Policykey: %s verified.', $this->_procid, $sentKey)); return true; }