1071 } |
1074 } |
1072 } |
1075 } |
1073 else |
1076 else |
1074 { |
1077 { |
1075 if ( iCRACKneg ) |
1078 if ( iCRACKneg ) |
|
1079 { |
1076 status = iCRACKneg->ProcessUserResponseL(aUserInfo); |
1080 status = iCRACKneg->ProcessUserResponseL(aUserInfo); |
1077 else status = CRACK_FAILED; |
1081 |
1078 |
1082 if ( status == CRACK_FAILED ) |
1079 if ( status == CRACK_FAILED ) |
1083 { |
1080 { |
1084 /*-------------------------------------------------------- |
1081 /*-------------------------------------------------------- |
1085 * |
1082 * |
1086 * Crack negotiation failed. Negotiation shall be deleted |
1083 * Crack negotiation failed. Negotiation shall be deleted |
1087 * |
1084 * |
1088 *--------------------------------------------------------*/ |
1085 *--------------------------------------------------------*/ |
1089 LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError, |
1086 LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError, |
1090 R_VPN_MSG_VPN_GW_AUTH_FAIL, |
1087 R_VPN_MSG_VPN_GW_AUTH_FAIL, |
1091 status, |
1088 status, |
1092 iPluginSession->VpnIapId(), |
1089 iPluginSession->VpnIapId(), |
1093 &iRemoteAddr ); |
1090 &iRemoteAddr ); |
1094 SetErrorStatus(KKmdIkeAuthFailedErr); |
1091 SetErrorStatus(KKmdIkeAuthFailedErr); |
1095 AcquireSAErrorResponse(KKmdIkeAuthFailedErr); |
1092 AcquireSAErrorResponse(KKmdIkeAuthFailedErr); |
1096 } |
1093 } |
1097 } |
|
1098 else |
|
1099 status = ProcessUserResponseL(aUserInfo);; |
|
1100 |
1094 } |
1101 } |
1095 } |
1102 } |
1096 |
1103 |
1097 |
1104 |
1098 // |
1105 // |
1264 |
1271 |
1265 |
1272 |
1266 //Sends the initial IKE packets to start the negotiation. PHASE I |
1273 //Sends the initial IKE packets to start the negotiation. PHASE I |
1267 void CIkev1Negotiation::InitNegotiationL() //Equiv. to stage 1 |
1274 void CIkev1Negotiation::InitNegotiationL() //Equiv. to stage 1 |
1268 { |
1275 { |
|
1276 |
|
1277 if (iProposal_I.iAttrList->iAuthMethod == IKE_A_CRACK && |
|
1278 !iHostData->iCRACKLAMUserName && |
|
1279 !iHostData->iCRACKLAMPassword && |
|
1280 !iCRACKLAMUserName && |
|
1281 !iCRACKLAMPassword) |
|
1282 { |
|
1283 |
|
1284 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
|
1285 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, SAId(), 0); |
|
1286 iDialog->GetAsyncUNPWDialogL(iDialogInfo, (MIkeDialogComplete*)this); |
|
1287 return; |
|
1288 } |
1269 TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) ); |
1289 TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) ); |
1270 |
1290 |
1271 TInt vendor_id_type; |
1291 TInt vendor_id_type; |
1272 |
1292 |
1273 //Main mode stage 1 |
1293 //Main mode stage 1 |
1306 ptr += sizeof(TPayloadISAKMP); |
1326 ptr += sizeof(TPayloadISAKMP); |
1307 Mem::Copy(iSAPayload, ptr,iSAPayloadSize); |
1327 Mem::Copy(iSAPayload, ptr,iSAPayloadSize); |
1308 |
1328 |
1309 TBool cert_required = EFalse; //If any proposal requires a cert to send a CR if needed |
1329 TBool cert_required = EFalse; //If any proposal requires a cert to send a CR if needed |
1310 TBool preshared_key = EFalse; //Preshared key authentication |
1330 TBool preshared_key = EFalse; //Preshared key authentication |
1311 TBool crack_used = EFalse; |
|
1312 |
1331 |
1313 TAttrib *transf = iProposal_I.iAttrList; |
1332 TAttrib *transf = iProposal_I.iAttrList; |
1314 for (TInt i=0; (i < iProposal_I.iNumTransforms) && (!cert_required); i++) |
1333 for (TInt i=0; (i < iProposal_I.iNumTransforms) && (!cert_required); i++) |
1315 { |
1334 { |
1316 switch (transf->iAuthMethod) |
1335 switch (transf->iAuthMethod) |
1319 case DSS_SIG: |
1338 case DSS_SIG: |
1320 cert_required = ETrue; |
1339 cert_required = ETrue; |
1321 break; |
1340 break; |
1322 case IKE_A_CRACK: |
1341 case IKE_A_CRACK: |
1323 cert_required = ETrue; |
1342 cert_required = ETrue; |
1324 crack_used = ETrue; |
|
1325 break; |
1343 break; |
1326 default: // No cert involved |
1344 default: // No cert involved |
1327 preshared_key = ETrue; |
1345 preshared_key = ETrue; |
1328 transf = transf->iNext; |
1346 transf = transf->iNext; |
1329 } |
1347 } |
1330 } |
1348 } |
1331 |
1349 |
1332 if (crack_used && |
|
1333 !iHostData->iCRACKLAMUserName && |
|
1334 !iHostData->iCRACKLAMPassword) |
|
1335 { |
|
1336 TBuf<256> UserName; |
|
1337 TBuf<64> Password; |
|
1338 CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug); |
|
1339 if (KErrNone != Dialog->GetSyncUNPWCacheDialog(UserName, Password)) |
|
1340 { |
|
1341 DEBUG_LOG(_L("Failed to get credentials for crack auth!")); |
|
1342 SetFinished(); |
|
1343 delete Dialog; |
|
1344 return; |
|
1345 } |
|
1346 iHostData->iCRACKLAMUserName = TStringData::NewL(UserName); |
|
1347 iHostData->iCRACKLAMPassword = TStringData::NewL(Password); |
|
1348 delete Dialog; |
|
1349 } |
|
1350 |
1350 |
1351 if (iExchange == ISAKMP_EXCHANGE_AGGR) //Aggressive contains more payloads |
1351 if (iExchange == ISAKMP_EXCHANGE_AGGR) //Aggressive contains more payloads |
1352 { |
1352 { |
1353 if ( preshared_key && !cert_required ) { |
1353 if ( preshared_key && !cert_required ) { |
1354 // |
1354 // |
8391 aAttr_II.iResponderLifetimeKBytes.Append((TUint8 *)&low, sizeof(low)); |
8391 aAttr_II.iResponderLifetimeKBytes.Append((TUint8 *)&low, sizeof(low)); |
8392 } |
8392 } |
8393 } |
8393 } |
8394 } |
8394 } |
8395 |
8395 |
8396 |
8396 TInt CIkev1Negotiation::ProcessUserResponseL(CAuthDialogInfo *aDialogInfo ) |
|
8397 { |
|
8398 delete iDialog; /* delete dialog object */ |
|
8399 iDialog = NULL; |
|
8400 |
|
8401 iCRACKLAMUserName = aDialogInfo->iUsername->AllocL(); |
|
8402 iCRACKLAMPassword = aDialogInfo->iSecret->AllocL(); |
|
8403 |
|
8404 delete aDialogInfo; /* release dialog info object */ |
|
8405 iDialogInfo = NULL; /* reset dialog info pointer */ |
|
8406 DEBUG_LOG(_L("Continue negotiation from begining")); |
|
8407 InitNegotiationL(); |
|
8408 |
|
8409 return KErrNone; |
|
8410 |
|
8411 } |
|
8412 // |
|
8413 // The implementation for class MIkeDialogComplete virtual function |
|
8414 // |
|
8415 TInt CIkev1Negotiation::DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo, |
|
8416 HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain) |
|
8417 { |
|
8418 /*--------------------------------------------------------------------------- |
|
8419 * |
|
8420 * A response received from client user (through asynchronous dialog) |
|
8421 * This method is introduced as a TUserCallback for CGetIKEPassword dialog |
|
8422 * object is created. When the dialog is completed this callback function |
|
8423 * is called |
|
8424 * |
|
8425 *-------------------------------------------------------------------------*/ |
|
8426 TUint32 obj_id = 1; |
|
8427 CAuthDialogInfo* info = (CAuthDialogInfo*)aUserInfo; |
|
8428 DEBUG_LOG1(_L("CIkev1Negotiation::DialogCompleteL(), aUserInfo = %x"), aUserInfo); |
|
8429 |
|
8430 if ( info ) |
|
8431 { |
|
8432 obj_id = info->GetObjId(); |
|
8433 DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id); |
|
8434 if ( obj_id == DIALOG_INFO_ID ) |
|
8435 { |
|
8436 info->iUsername = aUsername; |
|
8437 info->iSecret = aSecret; |
|
8438 info->iDomain = aDomain; |
|
8439 obj_id = info->PluginSession()->AuthDialogCompletedL(info); |
|
8440 } |
|
8441 } |
|
8442 |
|
8443 return obj_id; |
|
8444 |
|
8445 } |
|
8446 |
|
8447 |
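Review bot: In ProcessUserResponseL (new lines 8401-8402), `aDialogInfo->iUsername->AllocL()` and `aDialogInfo->iSecret->AllocL()` dereference pointers that DialogCompleteL stores straight from `aUsername` and `aSecret` with no null check, so a dialog that completes without credentials (a cancel, presumably) would fault here instead of failing the negotiation. A guard such as `if ( !aDialogInfo->iUsername || !aDialogInfo->iSecret )` ahead of the two copies, ending the negotiation with `SetErrorStatus(KKmdIkeAuthFailedErr);` as the CRACK failure branch does, would close that. If either `AllocL()` leaves, `aDialogInfo` is never deleted and `iDialogInfo` still points at it. The assignments also overwrite `iCRACKLAMUserName` and `iCRACKLAMPassword` without freeing an earlier copy, so a repeated prompt would leak the previous buffers, password included. The call added at new line 1099 stores the result in `status`, but nothing in the visible lines checks it on that branch, so a failure return would need handling there too.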