Changeset 2056
- Timestamp:
- 04/16/08 10:38:42 (7 months ago)
- Files:
-
- branches/networking/resources/cdsframework.spt (modified) (1 diff)
- branches/networking/resources/dictionary/dictionary.fdic (modified) (4 diffs)
- branches/networking/src/com/tresys/framework/compiler/Compiler.java (modified) (8 diffs)
- branches/networking/src/com/tresys/framework/compiler/dictionary/Target.java (modified) (1 diff)
- branches/networking/src/com/tresys/framework/compiler/linkage/Linkage.java (modified) (5 diffs)
- branches/networking/src/com/tresys/framework/compiler/linkage/net/Endpoint.java (modified) (2 diffs)
- branches/networking/src/com/tresys/framework/compiler/linkage/net/FNETParser.jj (modified) (3 diffs)
- branches/networking/src/com/tresys/framework/compiler/linkage/net/NetConnection.java (modified) (1 diff)
- branches/networking/src/com/tresys/framework/compiler/linkage/net/NetItem.java (modified) (1 diff)
- branches/networking/src/com/tresys/framework/compiler/linkage/net/NetResource.java (modified) (1 diff)
- branches/networking/src/com/tresys/framework/compiler/linkage/net/NetworkConfig.java (modified) (2 diffs)
- branches/networking/src/com/tresys/framework/compiler/policy/Component.java (modified) (2 diffs)
- branches/networking/src/com/tresys/framework/compiler/systemResources/LabeledNetworkResource.java (modified) (1 diff)
- branches/networking/src/com/tresys/framework/compiler/systemResources/NetworkInfo.java (modified) (2 diffs)
- branches/networking/src/com/tresys/framework/compiler/translator/NetworkIPSec.java (added)
- branches/networking/src/com/tresys/framework/compiler/translator/SELinuxDictionary.java (modified) (2 diffs)
- branches/networking/src/com/tresys/framework/compiler/translator/SELinuxPolicy.java (modified) (10 diffs)
- branches/networking/src/com/tresys/framework/plugin/builder/SELinuxSystem.java (modified) (2 diffs)
- branches/networking/src/com/tresys/framework/plugin/editor/action/AddCustomPolicy.java (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
branches/networking/resources/cdsframework.spt
r2049 r2056 56 56 ') 57 57 58 define(`SEFramework_ipsec_resource',` 59 ') 60 58 61 define(`SEFramework_read_boolean',` 59 62 allow $1 $2:file { read getattr }; branches/networking/resources/dictionary/dictionary.fdic
r2049 r2056 166 166 owner { 167 167 resource { 168 #TODO: I do n't think this is correct, but the dictionary parser requires something here168 #TODO: I do not think this is correct, but the dictionary parser requires something here 169 169 association { polmatch } 170 170 } … … 176 176 [backflow: 2] 177 177 { 178 resource {} 178 self { 179 association { sendto } 180 } 179 181 other write { 180 182 association { recvfrom } … … 190 192 { 191 193 self { 194 association { recvfrom } 195 } 196 other read { 192 197 association { sendto } 193 198 } … … 216 221 owner { 217 222 resource { 218 #TODO: I do n't think this is correct, but the dictionary parser requires something here223 #TODO: I do not think this is correct, but the dictionary parser requires something here 219 224 packet { send recv } 220 225 } branches/networking/src/com/tresys/framework/compiler/Compiler.java
r2055 r2056 38 38 import com.tresys.framework.compiler.policy.SystemResourceValidator; 39 39 import com.tresys.framework.compiler.systemResources.SystemResources; 40 import com.tresys.framework.compiler.translator.NetworkIPSec; 40 41 import com.tresys.framework.compiler.translator.NetworkSecmark; 41 42 import com.tresys.framework.compiler.translator.SELinuxDictionary; … … 372 373 System.out.println (" -pc <flaskPath> specify path to base policy flask directory"); 373 374 System.out.println (" -fc <file_context> specify base policy file_context"); 375 System.out.println (" -m <mls file> specify mls inforation file for linkage to translate MLS labels"); 376 System.out.println (" into real sensitivities (defaults to s0 for all if not specified)"); 374 377 System.out.println (); 375 378 System.out.println ("Dictionary arguments:"); 376 379 System.out.println (" -ds <dictionary source> specify source file for dictionary"); 380 System.out.println (" -do <dictionary output> specify destination for dictionary (spt) support file"); 377 381 System.out.println (); 378 382 System.out.println ("Policy arguments:"); … … 404 408 System.out.println (" -if <interface file> specify interface file for linkage to reference policy"); 405 409 System.out.println (" and exposing an external API (defaults to stdout if not specified)"); 406 System.out.println (" -m <mls file> specify mls inforation file for linkage to translate MLS labels"); 407 System.out.println (" into real sensitivities (defaults to s0 for all if not specified)"); 410 System.out.println (" -ipsec <output file> specify output file for generated ipsec "); 411 System.out.println (" (Labeled Networking) Security Associations"); 412 System.out.println (" -secmark <output file> specify output file for generated secmark"); 413 System.out.println (" (IPTables Networking) rules"); 408 414 System.out.println (); 409 415 System.out.println ("A dictionary file must be specified."); … … 420 426 // the translator 421 427 SELinuxPolicy translator = null; 428 NetworkConfig networkconfig = null; 422 429 423 430 dictSourceFilenames = new Vector/* <String> */(); … … 460 467 } 461 468 469 int errorCount = 0; 470 if (netConfigFilename != null) 471 { 472 System.out.println ("Parsing network configuration from " + netConfigFilename); 473 networkconfig = new NetworkConfig (); 474 475 File file = new File (netConfigFilename); 476 if (!file.exists ()) 477 { 478 ErrorExit ("fnet file doesn't exist: " + netConfigFilename); 479 } 480 481 FNETParser parser = new FNETParser (networkconfig); 482 try 483 { 484 CLIErrorHandler netErrorHandler = new CLIErrorHandler (netConfigFilename); 485 parser.Parse (new FileReader (file), netErrorHandler); 486 errorCount += netErrorHandler.errorCount; 487 } 488 catch (FileNotFoundException fnfe) 489 { 490 fnfe.printStackTrace (); 491 errorCount ++; 492 } 493 } 494 495 if (errorCount > 0) 496 { 497 ErrorExit ("Errors encountered while parsing netowrk configuraiton, exiting..."); 498 } 499 462 500 // create linkage interface depending on compilation targets 463 linkage = new Linkage(flaskPath, mlsSupport );501 linkage = new Linkage(flaskPath, mlsSupport, networkconfig); 464 502 465 503 // attempt to create Dictionary 466 504 dictionary = new Dictionary (); 467 int errorCount = 0;468 505 469 506 // Add dictionary files to the dictionary … … 609 646 } 610 647 } 611 612 if (netConfigFilename != null) 613 { 614 System.out.println ("Parsing network configuration from " + netConfigFilename); 615 NetworkConfig config = new NetworkConfig (); 616 617 File file = new File (netConfigFilename); 618 FNETParser parser = new FNETParser (config); 619 try 620 { 621 CLIErrorHandler netErrorHandler = new CLIErrorHandler (netConfigFilename); 622 parser.Parse (new FileReader (file), netErrorHandler); 623 errorCount += netErrorHandler.errorCount; 624 } 625 catch (FileNotFoundException fnfe) 626 { 627 fnfe.printStackTrace (); 628 errorCount ++; 629 } 630 } 631 632 if (errorCount > 0) 633 { 634 ErrorExit ("Errors encountered while parsing netowrk configuraiton, exiting..."); 635 } 636 648 637 649 if (customPolicyFileName != null) 638 650 { … … 665 677 666 678 } 667 translator = new SELinuxPolicy (linkage, moduleName, fcFile);679 translator = new SELinuxPolicy (linkage, networkconfig, moduleName, fcFile); 668 680 669 681 policy.Accept (translator); … … 793 805 } 794 806 } 795 807 808 if (ipsecFilename != null) 809 { 810 if (networkconfig == null) 811 ErrorExit ("ipsec can't be generated - no network configuration (fnet file)"); 812 813 NetworkIPSec networkInfo = new NetworkIPSec (networkconfig); 814 policy.Accept (networkInfo); 815 816 ByteArrayOutputStream networkData = networkInfo.GetConfiguration (); 817 if (networkData != null && networkData.size () > 0) 818 { 819 try 820 { 821 File secmarkFile = new File (ipsecFilename); 822 823 PrintStream secmarkStream = new PrintStream (new FileOutputStream (secmarkFile)); 824 secmarkStream.print (networkData.toString ()); 825 secmarkStream.flush (); 826 secmarkStream.close (); 827 } 828 catch (FileNotFoundException e) 829 { 830 e.printStackTrace(); 831 } 832 } 833 } 834 796 835 // hopefully this will trigger the finalize() methods and save us memory 797 836 // and cpu cycles branches/networking/src/com/tresys/framework/compiler/dictionary/Target.java
r1949 r2056 16 16 public class Target 17 17 { 18 public final static int self = 0;19 public final static int resource = 1;20 public final static int other_read = 2;21 public final static int other_write = 3;22 public final static int other_readwrite = 4;18 public final static int self = 5; 19 public final static int resource = 6; 20 public final static int other_read = Verb.read; 21 public final static int other_write = Verb.write; 22 public final static int other_readwrite = Verb.readwrite; 23 23 24 24 public final static String TARGET_SELF = "self"; branches/networking/src/com/tresys/framework/compiler/linkage/Linkage.java
r2029 r2056 19 19 20 20 import com.tresys.framework.compiler.policy.Ability; 21 import com.tresys.framework.compiler.linkage.net.NetworkConfig; 21 22 import com.tresys.framework.compiler.mls.MLSSupport; 22 23 import com.tresys.framework.compiler.policy.BaseDomain; … … 49 50 private final BasePolicy BasePolicy; 50 51 private final MLSSupport m_MLSSupport; 52 private final NetworkConfig m_netConfig; 51 53 52 54 … … 58 60 * @throws Exception If memory allocation fails 59 61 */ 60 public Linkage (String flaskPath, MLSSupport i_support )62 public Linkage (String flaskPath, MLSSupport i_support, NetworkConfig i_netConfig) 61 63 { 62 64 BasePolicy = new BasePolicy(flaskPath); … … 65 67 capabilities = new HashMap(); 66 68 m_MLSSupport = i_support; 69 m_netConfig = i_netConfig; 67 70 } 68 71 … … 75 78 { 76 79 return m_MLSSupport; 80 } 81 82 public NetworkConfig getNetworkConfig () 83 { 84 return m_netConfig; 77 85 } 78 86 branches/networking/src/com/tresys/framework/compiler/linkage/net/Endpoint.java
r2055 r2056 13 13 14 14 import com.tresys.framework.compiler.AbstractToken; 15 import com.tresys.framework.compiler.policy.Component; 16 import com.tresys.framework.compiler.policy.IPolicyVisitor; 15 17 import com.tresys.framework.compiler.systemResources.NetworkInfo; 16 18 … … 20 22 */ 21 23 public class Endpoint 24 extends Component 22 25 { 23 26 private NetSystem m_system; 24 private AbstractToken m_tokDomain;27 // private AbstractToken m_tokDomain; 25 28 private NetworkInfo m_netInfo; 26 29 27 30 public Endpoint (NetSystem i_sys, AbstractToken i_domain, NetworkInfo i_info) 28 31 { 32 super (i_domain, null, null); 29 33 m_system = i_sys; 30 m_tokDomain = i_domain;34 // m_tokDomain = i_domain; 31 35 m_netInfo = i_info; 32 36 } 37 38 public Endpoint (Endpoint i_copyMe) 39 { 40 super (i_copyMe); 41 m_netInfo = i_copyMe.m_netInfo; 42 m_system = i_copyMe.m_system; 43 } 44 45 /* (non-Javadoc) 46 * @see com.tresys.framework.compiler.policy.Component#Accept(com.tresys.framework.compiler.policy.IPolicyVisitor) 47 */ 48 public void Accept (IPolicyVisitor i_visitor) 49 { 50 // TODO Auto-generated method stub 51 52 } 53 54 public NetworkInfo getNetworkInfo () 55 { 56 return m_netInfo; 57 } 58 /* 59 public String getType () 60 { 61 return m_tokDomain.image + "_t"; 62 } 63 64 65 /* (non-Javadoc) 66 * @see java.lang.Object#toString() 67 */ 68 public String toString () 69 { 70 StringBuffer str = new StringBuffer (super.toString ()); 71 // str.append (m_tokDomain.toString ()); 72 str.append ('#'); 73 str.append (m_netInfo.toString ()); 74 75 return str.toString (); 76 } 33 77 } branches/networking/src/com/tresys/framework/compiler/linkage/net/FNETParser.jj
r2055 r2056 186 186 ////////////////////////////////// 187 187 <DATA> TOKEN: { 188 <SEMICOLON : ";"> { SwitchTo (return_state_data); } 189 |<SEPERATOR : "."> 190 |<LBRACE: "{"> { return_state_brace = curLexState; SwitchTo (INBRACE); } 191 } 192 193 <INBRACE> TOKEN : { 188 194 <QSTRING: 189 195 "\"" … … 197 203 )* 198 204 "\""> 199 |<SEMICOLON : ";"> { SwitchTo (return_state_data); } 200 |<SEPERATOR : "."> 201 |<LBRACE: "{"> { return_state_brace = curLexState; SwitchTo (INBRACE); } 202 |<LPAREN: "("> 203 |<RPAREN: ")"> 204 } 205 206 <INBRACE> TOKEN : { 207 <NETWORK: "secmark"|"ipsec" > 205 |<NETWORK: "secmark"|"ipsec" > 208 206 |<IP: <DIGITS>"."<DIGITS>"."<DIGITS>"."<DIGITS> > 209 207 |<NUMBER: <DIGITS> > 210 208 | < HEXKEY : "0x" (["0"-"9","a"-"f","A"-"F"])+> 211 209 |<RBRACE: "}"> { SwitchTo (return_state_brace); } 210 |<LPAREN: "("> 211 |<RPAREN: ")"> 212 |<KEY: (["0"-"9","a"-"z","A"-"Z","_","-"])+ > 212 213 } 213 214 … … 258 259 } 259 260 260 (<L BRACE>261 encAlg = < ID> encKey = <HEXKEY>262 <R BRACE>261 (<LPAREN> 262 encAlg = <KEY> encKey = <HEXKEY> 263 <RPAREN> 263 264 { 264 265 resource.put (NetResource.KEY_ENC_TYPE, encAlg.image); 265 266 resource.put (NetResource.KEY_ENC_KEY, encKey.image); 266 267 } 267 <L BRACE>268 authAlg = < ID> authKey = <QSTRING>269 <R BRACE>268 <LPAREN> 269 authAlg = <KEY> authKey = <QSTRING> 270 <RPAREN> 270 271 { 271 272 resource.put (NetResource.KEY_AUTH_TYPE, authAlg.image); branches/networking/src/com/tresys/framework/compiler/linkage/net/NetConnection.java
r2055 r2056 31 31 m_nESP = i_nesp; 32 32 } 33 34 public Endpoint getSource () 35 { 36 return m_source; 37 } 38 39 public Endpoint getTarget () 40 { 41 return m_target; 42 } 43 44 public NetResource getResource () 45 { 46 return m_networkresource; 47 } 48 49 public int getESPNumber () 50 { 51 return m_nESP; 52 } 53 54 /* (non-Javadoc) 55 * @see java.lang.Object#toString() 56 */ 57 public String toString () 58 { 59 StringBuffer str = new StringBuffer (); 60 str.append (m_source.toString ()); 61 str.append ('#'); 62 str.append (m_target.toString ()); 63 str.append ('#'); 64 // str.append (m_networkresource.toString ()); 65 // str.append ('#'); 66 str.append (m_nESP); 67 return str.toString (); 68 } 33 69 } branches/networking/src/com/tresys/framework/compiler/linkage/net/NetItem.java
r2055 r2056 38 38 return m_sName; 39 39 } 40 41 /* (non-Javadoc) 42 * @see java.lang.Object#equals(java.lang.Object) 43 */ 44 public boolean equals (Object obj) 45 { 46 if (!(obj instanceof NetItem)) 47 return false; 48 49 NetItem other = (NetItem) obj; 50 if (!m_sName.equals (other.m_sName)) 51 return false; 52 53 if (!m_token.equals (other.m_token)) 54 return false; 55 56 return true; 57 } 58 59 /* (non-Javadoc) 60 * @see java.lang.Object#toString() 61 */ 62 public String toString () 63 { 64 return getName (); 65 } 40 66 } branches/networking/src/com/tresys/framework/compiler/linkage/net/NetResource.java
r2055 r2056 45 45 m_resInfo.put (i_sKey, i_Value); 46 46 } 47 48 public Object get (String i_sKey) 49 { 50 return m_resInfo.get (i_sKey); 51 } 52 53 /* (non-Javadoc) 54 * @see java.lang.Object#equals(java.lang.Object) 55 */ 56 public boolean equals (Object obj) 57 { 58 if (!super.equals (obj)) 59 return false; 60 61 if (!(obj instanceof NetResource)) 62 return false; 63 64 return m_resInfo.equals (((NetResource) obj).m_resInfo); 65 } 66 67 /* (non-Javadoc) 68 * @see com.tresys.framework.compiler.linkage.net.NetItem#toString() 69 */ 70 public String toString () 71 { 72 StringBuffer buf = new StringBuffer (super.toString ()); 73 74 Object type = m_resInfo.get (KEY_TYPE); 75 if (type != null) 76 { 77 buf.append (' '); 78 buf.append (type.toString ()); 79 } 80 81 return buf.toString (); 82 } 47 83 } branches/networking/src/com/tresys/framework/compiler/linkage/net/NetworkConfig.java
r2055 r2056 12 12 package com.tresys.framework.compiler.linkage.net; 13 13 14 import java.util.ArrayList; 15 import java.util.Collection; 14 16 import java.util.HashMap; 17 import java.util.Iterator; 15 18 import java.util.Map; 16 19 … … 54 57 public void Add (NetConnection i_connection) 55 58 { 59 String sName = i_connection.toString (); 60 m_connections.put (sName, i_connection); 61 } 62 63 public Collection getConnections (NetResource i_res) 64 { 65 ArrayList list = new ArrayList (); 66 if (i_res == null) 67 return list; 56 68 69 for (Iterator itr = m_connections.values ().iterator (); itr.hasNext (); ) 70 { 71 NetConnection connection = (NetConnection) itr.next (); 72 if (i_res.equals (connection.getResource ())) 73 list.add (connection); 74 } 75 76 return list; 57 77 } 58 78 } branches/networking/src/com/tresys/framework/compiler/policy/Component.java
r2029 r2056 436 436 { 437 437 HashMap matchingAccesses = new HashMap(); 438 Iterator itr = accesses.iterator(); 439 while(itr.hasNext()) 438 for (Iterator itr = accesses.iterator(); itr.hasNext(); ) 440 439 { 441 440 Access axx = (Access) itr.next(); … … 457 456 public boolean Contains(Access axx) 458 457 { 459 Iterator itr = accesses.iterator(); 460 while(itr.hasNext()) 458 for (Iterator itr = accesses.iterator(); itr.hasNext(); ) 461 459 { 462 460 Access currAccess = (Access) itr.next(); branches/networking/src/com/tresys/framework/compiler/systemResources/LabeledNetworkResource.java
r2045 r2056 29 29 m_netInfo = i_nInfo; 30 30 } 31 32 public NetworkInfo getNetworkInfo () 33 { 34 return m_netInfo; 35 } 31 36 } branches/networking/src/com/tresys/framework/compiler/systemResources/NetworkInfo.java
r2055 r2056 11 11 12 12 package com.tresys.framework.compiler.systemResources; 13 14 import java.util.Arrays; 13 15 14 16 /** … … 45 47 46 48 /* (non-Javadoc) 49 * @see java.lang.Object#equals(java.lang.Object) 50 */ 51 public boolean equals (Object obj) 52 { 53 if (super.equals (obj)) 54 return true; 55 56 if (!(obj instanceof NetworkInfo)) 57 return false; 58 59 NetworkInfo other = (NetworkInfo) obj; 60 if (!m_sNode.equals (other.m_sNode)) 61 return false; 62 63 if (!m_sIPAddr.equals (other.m_sIPAddr)) 64 return false; 65 66 if (!Arrays.equals (m_nPorts, other.m_nPorts)) 67 return false; 68 69 return true; 70 } 71 72 /* (non-Javadoc) 47 73 * @see java.lang.Object#toString() 48 74 */ branches/networking/src/com/tresys/framework/compiler/translator/SELinuxDictionary.java
r1980 r2056 81 81 82 82 m_bufferDictionary.println ("## <param name=\"domain\">"); 83 m_bufferDictionary.println ("## <summary> The owner of the resource 's type </summary>");83 m_bufferDictionary.println ("## <summary> The owner of the resources type </summary>"); 84 84 m_bufferDictionary.println ("## </param>"); 85 85 … … 109 109 110 110 m_bufferDictionary.println ("## <param name=\"domain\">"); 111 m_bufferDictionary.println ("## <summary> The owner of the resource 's type </summary>");111 m_bufferDictionary.println ("## <summary> The owner of the resources type </summary>"); 112 112 m_bufferDictionary.println ("## </param>"); 113 113 m_bufferDictionary.println ("## <param name=\"resource\">"); branches/networking/src/com/tresys/framework/compiler/translator/SELinuxPolicy.java
r2049 r2056 61 61 import com.tresys.framework.compiler.linkage.libselinuxjava.selinux; 62 62 import com.tresys.framework.compiler.linkage.libselinuxjava.selinuxConstants; 63 import com.tresys.framework.compiler.linkage.net.Endpoint; 64 import com.tresys.framework.compiler.linkage.net.NetConnection; 65 import com.tresys.framework.compiler.linkage.net.NetResource; 66 import com.tresys.framework.compiler.linkage.net.NetworkConfig; 63 67 import com.tresys.framework.compiler.mls.MLSLevel; 64 68 import com.tresys.framework.compiler.policy.Ability; … … 104 108 105 109 private final Linkage m_linkage; 110 private final NetworkConfig m_netConfig; 106 111 private final boolean m_bGeneratePolicyTemplate; 107 112 … … 123 128 private TreeSet/*<String>*/m_dirPermSet = new TreeSet/*<String>*/(); 124 129 125 public SELinuxPolicy (Linkage _linkage, String i_sModuleName, File fcFile)130 public SELinuxPolicy (Linkage _linkage, NetworkConfig i_netConfig, String i_sModuleName, File fcFile) 126 131 { 127 132 m_linkage = _linkage; … … 129 134 m_hasFileContext = false; 130 135 m_bGeneratePolicyTemplate = false; 136 m_netConfig = i_netConfig; 131 137 132 138 if (fcFile != null && fcFile.exists()) … … 138 144 } 139 145 140 public SELinuxPolicy (Linkage i_linkage, boolean i_bGenerateTemplates, String i_sModuleName)146 public SELinuxPolicy (Linkage i_linkage, NetworkConfig i_netConfig, boolean i_bGenerateTemplates, String i_sModuleName) 141 147 { 142 148 m_linkage = i_linkage; 143 149 m_bGeneratePolicyTemplate = i_bGenerateTemplates; 144 150 m_sModuleName = i_sModuleName; 151 m_netConfig = i_netConfig; 145 152 } 146 153 … … 219 226 { 220 227 Rdef rdef = (Rdef) itr.next(); 221 228 229 // ipsec resource don't get a type - uses remote type from connection(s) 230 //TODO: review this because if the type doesn't get defined it causes a bunch of problems later 231 if (rdef.GetSysResourceState (SystemResourceTypes.ipsec) != SysResourceState.No) 232 continue; 233 234 222 235 String sType = i_resource.GetTypeWithDictionaryObject(rdef.GetName()); 223 236 … … 816 829 { 817 830 sResType = ((ControlResource)resource).getType(); 818 } 831 } 832 else if (rdef.GetSysResourceState (SystemResourceTypes.ipsec) != SysResourceState.No) 833 { 834 sResType = "self"; 835 if (m_netConfig != null) 836 { 837 m_bufferPolicy.println ("# remote types of data coming over the wire (Labeled Networking)"); 838 NetResource netRes = m_netConfig.getResource (resource.getName ()); 839 840 Collection connections = m_netConfig.getConnections (netRes); 841 for (Iterator itr2 = connections.iterator (); itr2.hasNext (); ) 842 { 843 NetConnection con = (NetConnection) itr2.next (); 844 Endpoint source = con.getSource (); 845 846 if (!source.getType ().equals (domain.getType ())) 847 continue; 848 849 Endpoint target = con.getTarget (); 850 m_bufferPolicy.println ("type " + target.getType () + ";"); 851 } 852 } 853 else 854 { 855 String sErrMsg = "Network information (fnet file) not loaded Labeled Network (ipsec) won't translate properly"; 856 if (resource.getToken () != null) 857 resource.getToken ().Error (sErrMsg, ErrorHandler.ERROR_UNABLE_TO_GET_TYPE_FROM_PATH, resource.getName ()); 858 else 859 Utility.ProjectError (sErrMsg); 860 } 861 } 819 862 else 820 863 { 821 864 &n