13 * |
13 * |
14 * Description: IKEv1/IPSEC SA negotiation |
14 * Description: IKEv1/IPSEC SA negotiation |
15 * |
15 * |
16 */ |
16 */ |
17 |
17 |
18 #include <e32uid.h> |
|
19 #include <x509cert.h> |
18 #include <x509cert.h> |
20 #include <x500dn.h> |
19 #include <x500dn.h> |
21 #include <random.h> |
20 #include <random.h> |
22 #include <vpnlogmessages.rsg> |
21 #include <vpnlogmessages.rsg> |
23 #include <softtokenpluginif.h> |
|
24 |
22 |
25 #include "ikev1negotiation.h" |
23 #include "ikev1negotiation.h" |
26 #include "ikedebug.h" |
24 #include "ikedebug.h" |
27 #include "ikev1isakmpstream.h" |
25 #include "ikev1isakmpstream.h" |
28 #include "ikev1timeout.h" |
26 #include "ikev1timeout.h" |
187 delete iICA1; |
185 delete iICA1; |
188 delete iICA2; |
186 delete iICA2; |
189 |
187 |
190 delete iPkiService; // Trusted CA certificate list |
188 delete iPkiService; // Trusted CA certificate list |
191 |
189 |
192 delete[] iSAPayload; |
190 delete iSAPayload; |
193 delete[] iPeerIdentPayload; |
191 delete iPeerIdentPayload; |
194 delete iOwnIdentPayload; |
192 delete iOwnIdentPayload; |
195 |
193 |
196 //Keys |
194 //Keys |
197 delete iOwnKeys; //structure containing the public and private keys |
195 delete iOwnKeys; //structure containing the public and private keys |
198 delete iOwnPublicKey; //Public Key |
196 delete iOwnPublicKey; //Public Key |
1101 status = ProcessUserResponseL(aUserInfo);; |
1099 status = ProcessUserResponseL(aUserInfo);; |
1102 |
1100 |
1103 } |
1101 } |
1104 } |
1102 } |
1105 |
1103 |
1106 // |
|
1107 // CIkev1Negotiation::ErrDialogCompletedL |
|
1108 // Error dialog is completed. End negotiation. |
|
1109 // |
|
1110 void CIkev1Negotiation::ErrDialogCompletedL( ) |
|
1111 { |
|
1112 SendDeleteL(PROTO_ISAKMP); |
|
1113 SetErrorStatus(KKmdIkeAuthFailedErr); |
|
1114 } |
|
1115 |
1104 |
1116 // |
1105 // |
1117 // CIkev1Negotiation::StartCRACKAuthL |
1106 // CIkev1Negotiation::StartCRACKAuthL |
1118 // Start CRACK authentication phase of IKE phase I negotiation |
1107 // Start CRACK authentication phase of IKE phase I negotiation |
1119 // - Create CIKECRACKNegotiation object and call it`s ConstructL |
1108 // - Create CIKECRACKNegotiation object and call it`s ConstructL |
1282 |
1271 |
1283 |
1272 |
1284 //Sends the initial IKE packets to start the negotiation. PHASE I |
1273 //Sends the initial IKE packets to start the negotiation. PHASE I |
1285 void CIkev1Negotiation::InitNegotiationL() //Equiv. to stage 1 |
1274 void CIkev1Negotiation::InitNegotiationL() //Equiv. to stage 1 |
1286 { |
1275 { |
|
1276 |
1287 if (iProposal_I.iAttrList->iAuthMethod == IKE_A_CRACK && |
1277 if (iProposal_I.iAttrList->iAuthMethod == IKE_A_CRACK && |
1288 !iHostData->iCRACKLAMUserName && |
1278 !iHostData->iCRACKLAMUserName && |
1289 !iHostData->iCRACKLAMPassword && |
1279 !iHostData->iCRACKLAMPassword && |
1290 !iCRACKLAMUserName && |
1280 !iCRACKLAMUserName && |
1291 !iCRACKLAMPassword) |
1281 !iCRACKLAMPassword) |
1292 { |
1282 { |
1293 if ( (iHostData->iSoftToken) && (iPluginSession->SoftToken() != NULL) ) |
1283 |
1294 { |
|
1295 if (iPluginSession->SoftToken()->DefaultFoundL()) |
|
1296 { |
|
1297 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
|
1298 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, SAId(), 0); |
|
1299 iDialog->GetAsyncSecureidPinDialogL(iDialogInfo, static_cast<MIkeDialogComplete*>(this)); |
|
1300 return; |
|
1301 } |
|
1302 else |
|
1303 { |
|
1304 DEBUG_LOG(_L("Failed to find token!")); |
|
1305 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
|
1306 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, ERROR_DIALOG_ID, SAId(), 0); |
|
1307 iDialog->ShowErrorDialogL(TVpnNoteDialog::EKmdTokenNotFound, iDialogInfo, static_cast<MIkeDialogComplete*>(this)); |
|
1308 return; |
|
1309 } |
|
1310 } |
|
1311 else |
|
1312 { |
|
1313 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
1284 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
1314 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, SAId(), 0); |
1285 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, SAId(), 0); |
1315 iDialog->GetAsyncUNPWDialogL(iDialogInfo, static_cast<MIkeDialogComplete*>(this)); |
1286 iDialog->GetAsyncUNPWDialogL(iDialogInfo, (MIkeDialogComplete*)this); |
1316 return; |
1287 return; |
1317 } |
|
1318 } |
1288 } |
1319 TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) ); |
1289 TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) ); |
1320 |
1290 |
1321 TInt vendor_id_type; |
1291 TInt vendor_id_type; |
1322 |
1292 |
8425 |
8395 |
8426 TInt CIkev1Negotiation::ProcessUserResponseL(CAuthDialogInfo *aDialogInfo ) |
8396 TInt CIkev1Negotiation::ProcessUserResponseL(CAuthDialogInfo *aDialogInfo ) |
8427 { |
8397 { |
8428 delete iDialog; /* delete dialog object */ |
8398 delete iDialog; /* delete dialog object */ |
8429 iDialog = NULL; |
8399 iDialog = NULL; |
8430 |
|
8431 if (iHostData->iSoftToken && (iPluginSession->SoftToken() != NULL)) |
|
8432 { |
|
8433 HBufC8* password = NULL; |
|
8434 TInt status; |
|
8435 status = iPluginSession->SoftToken()->CodeL(*aDialogInfo->iSecret, password); |
|
8436 |
|
8437 if (KErrNone != status) |
|
8438 { |
|
8439 if (KErrNoSecureTime == status) |
|
8440 { |
|
8441 DEBUG_LOG(_L("Token expired!")); |
|
8442 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
|
8443 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, ERROR_DIALOG_ID, SAId(), 0); |
|
8444 iDialog->ShowErrorDialogL(TVpnNoteDialog::EKmdTokenExpired, iDialogInfo, static_cast<MIkeDialogComplete*>(this)); |
|
8445 return status; |
|
8446 } |
|
8447 DEBUG_LOG(_L("Failed to get OTP from SoftToken!")); |
|
8448 SetFinished(); |
|
8449 return KErrNotFound; |
|
8450 } |
|
8451 else |
|
8452 { |
|
8453 aDialogInfo->SetSecret(password); |
|
8454 } |
|
8455 } |
|
8456 |
8400 |
8457 iCRACKLAMUserName = aDialogInfo->iUsername->AllocL(); |
8401 iCRACKLAMUserName = aDialogInfo->iUsername->AllocL(); |
8458 iCRACKLAMPassword = aDialogInfo->iSecret->AllocL(); |
8402 iCRACKLAMPassword = aDialogInfo->iSecret->AllocL(); |
8459 |
8403 |
8460 delete aDialogInfo; /* release dialog info object */ |
8404 delete aDialogInfo; /* release dialog info object */ |
8463 InitNegotiationL(); |
8407 InitNegotiationL(); |
8464 |
8408 |
8465 return KErrNone; |
8409 return KErrNone; |
8466 |
8410 |
8467 } |
8411 } |
8468 |
|
8469 // |
8412 // |
8470 // The implementation for class MIkeDialogComplete virtual function |
8413 // The implementation for class MIkeDialogComplete virtual function |
8471 // |
8414 // |
8472 TInt CIkev1Negotiation::DialogCompleteL( |
8415 TInt CIkev1Negotiation::DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo, |
8473 TAny* aUserInfo, HBufC8* aUsername, HBufC8* aSecret) |
8416 HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain) |
8474 { |
8417 { |
8475 /*--------------------------------------------------------------------------- |
8418 /*--------------------------------------------------------------------------- |
8476 * |
8419 * |
8477 * A response received from client user (through asynchronous dialog) |
8420 * A response received from client user (through asynchronous dialog) |
8478 * This method is introduced as a TUserCallback for CGetIKEPassword dialog |
8421 * This method is introduced as a TUserCallback for CGetIKEPassword dialog |
8485 DEBUG_LOG1(_L("CIkev1Negotiation::DialogCompleteL(), aUserInfo = %x"), aUserInfo); |
8428 DEBUG_LOG1(_L("CIkev1Negotiation::DialogCompleteL(), aUserInfo = %x"), aUserInfo); |
8486 |
8429 |
8487 if ( info ) |
8430 if ( info ) |
8488 { |
8431 { |
8489 obj_id = info->GetObjId(); |
8432 obj_id = info->GetObjId(); |
8490 info->iNegotiation = this; |
|
8491 DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id); |
8433 DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id); |
8492 if ( obj_id == DIALOG_INFO_ID ) |
8434 if ( obj_id == DIALOG_INFO_ID ) |
8493 { |
8435 { |
8494 info->SetUserName(aUsername); |
8436 info->iUsername = aUsername; |
8495 info->SetSecret(aSecret); |
8437 info->iSecret = aSecret; |
8496 obj_id = info->PluginSession()->AuthDialogCompletedL(info); |
8438 info->iDomain = aDomain; |
8497 } |
8439 obj_id = info->PluginSession()->AuthDialogCompletedL(info); |
8498 if ( obj_id == ERROR_DIALOG_ID ) |
|
8499 { |
|
8500 obj_id = info->PluginSession()->ErrDialogCompletedL(info); |
|
8501 } |
8440 } |
8502 } |
8441 } |
8503 |
8442 |
8504 return obj_id; |
8443 return obj_id; |
8505 |
8444 |