FCL/sf/mw/vpnclient: comparison vpnengine/ikev1lib/src/ikev1negotiation.cpp

equal deleted inserted replaced

-:032d3a818f49
+:68dc8923de26
 /*
-* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2005-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of "Eclipse Public License v1.0"
 * which accompanies this distribution, and is available
 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
 		   }
 iDefaultRemoteID = ETrue;  //Must be sent but won't be used when updating the SAD
 }
 }
-//Only Hard Lifetimes taken into account
+SetPhase2LifeDurations( aReq.iProposal.iComb->sadb_comb_soft_addtime,
-TInt64 lifetime64 = aReq.iProposal.iComb->sadb_comb_soft_addtime;
+aReq.iProposal.iComb->sadb_comb_hard_addtime,
-iHardLifetime = aReq.iProposal.iComb->sadb_comb_hard_addtime;
+aReq.iProposal.iComb->sadb_comb_soft_bytes,
+aReq.iProposal.iComb->sadb_comb_hard_bytes,
-if ( lifetime64 == 0 )
+*attr_II,
-{
+EFalse );
-lifetime64 = iHardLifetime;
-}
-TUint high = 0;
-TUint low = 0;
-if (lifetime64!=0)
-{
-high = ByteOrder::Swap32(I64HIGH(lifetime64));
-if (high > 0)
-attr_II->iLifeDurationSecs.Copy((TUint8 *)&high, sizeof(high));
-low = ByteOrder::Swap32(I64LOW(lifetime64));
-attr_II->iLifeDurationSecs.Append((TUint8 *)&low, sizeof(low));
-}
-//Bytes lifetime
-lifetime64 = aReq.iProposal.iComb->sadb_comb_soft_bytes;
-lifetime64 = (lifetime64/1024); //Bytes to KB
-if (lifetime64 != 0)
-{
-high = ByteOrder::Swap32(I64HIGH(lifetime64));
-if (high > 0)
-attr_II->iLifeDurationKBytes.Copy((TUint8 *)&high, sizeof(high));
-low = ByteOrder::Swap32(I64LOW(lifetime64));
-attr_II->iLifeDurationKBytes.Append((TUint8 *)&low, sizeof(low));
-}
 //Save some pf_key data to use later in PFKEY_UPDATE msg
 iAcquireSeq = aReq.iBase.iMsg->sadb_msg_seq;        //msg Seq. number
 iPfkeyAcquirePID = aReq.iBase.iMsg->sadb_msg_pid;   //msg PID.
 iAcquirePending = ETrue;
 			DEBUG_LOG(_L("Remote Identity mismatch with IPsec Policy"));
 err = KKmdIkeNoProposalErr;
 break;
 		}
-//Only Hard Lifetimes taken into account
+	    SetPhase2LifeDurations( spec->iSoft.iAddTime,
-TInt64 lifetime64 = spec->iHard.iAddTime;
+spec->iHard.iAddTime,
-TUint high = 0;
+spec->iSoft.iBytes,
-TUint low = 0;
+spec->iHard.iBytes,
-if (lifetime64!=0)
+	                            *attr_II,
-{
+	                            ETrue );
-high = ByteOrder::Swap32(I64HIGH(lifetime64));
-if (high > 0)
+	    if (iPFS)
-attr_II->iLifeDurationSecs.Copy((TUint8 *)&high, sizeof(high));
-low = ByteOrder::Swap32(I64LOW(lifetime64));
-attr_II->iLifeDurationSecs.Append((TUint8 *)&low, sizeof(low));
-}
-//Bytes lifetime
-lifetime64 = spec->iHard.iBytes;
-lifetime64 = (lifetime64/1024); //Bytes to KB
-if (lifetime64 != 0)
-{
-high = ByteOrder::Swap32(I64HIGH(lifetime64));
-if (high > 0)
-attr_II->iLifeDurationKBytes.Copy((TUint8 *)&high, sizeof(high));
-low = ByteOrder::Swap32(I64LOW(lifetime64));
-attr_II->iLifeDurationKBytes.Append((TUint8 *)&low, sizeof(low));
-}
-if (iPFS)
 {
 switch (iHostData->iGroupDesc_II)
 {
 case IKE_PARSER_MODP_768:
 attr_II->iGroupDesc = MODP_768;
 #ifdef _DEBUG
 err_buf.Copy(_L("NO_PROPOSAL_CHOSEN: Phase II proposal not accepted - "));
 AppendAttributeError(num, err_buf);
 DEBUG_LOG(err_buf);
 #endif
-SetErrorStatus( KKmdIkeNoProposalErr );
 SendNotifyL(NO_PROPOSAL_CHOSEN);
 CleanupStack::PopAndDestroy(3); //transarray + recv_proposals + payload
 return EFalse;
 }
 break;
 i ++;
 }
 TTransModifier *tmodif;
-TInt64 own_time, own_bytes, peer_time, peer_bytes;
+TInt64 own_time, own_bytes, peer_time, peer_bytes, responderLifetime_time, responderLifetime_bytes;
 delete iChosenProp_IIList;  //Must be erased because can contain data from previous retransmissions
 	iChosenProp_IIList = NULL;
 iChosenProp_IIList = new (ELeave) CProposal_IIList(1);
 while ( i < count )
 {
 new_propII->iReplayWindowLength = tmodif->iReplayWindowLength;
 attr_II = prop->iAttrList->At(tmodif->iTransNum);   //look for the chosen transform in the prop
 ComputeLifetimes_II(tmodif->iReducedLifeSecs, tmodif->iReducedLifeKBytes, own_time, own_bytes);
 ComputeLifetimes_II(attr_II->iLifeDurationSecs, attr_II->iLifeDurationKBytes, peer_time, peer_bytes);
+ComputeLifetimes_II(tmodif->iResponderLifetimeSecs, tmodif->iResponderLifetimeKBytes, responderLifetime_time, responderLifetime_bytes);
 //Only copy the chosen transform
 new_attr_II = new (ELeave) TChosenAttrib_II();
 CleanupStack::PushL(new_attr_II);
 new_attr_II->Copy(*attr_II);
 new_attr_II->iReducedLifeKBytes.Set(tmodif->iReducedLifeKBytes);
 DEBUG_LOG1(_L("Lifesize bigger than the one set. Reducing to %d"), own_bytes);
 }
 else
 new_attr_II->iReducedLifeKBytes.Set(NULL, 0);
+if (responderLifetime_time)
+{
+new_attr_II->iResponderLifetimeSecs = tmodif->iResponderLifetimeSecs;
+DEBUG_LOG1(_L("Responder lifetime set to %d"), responderLifetime_time);
+}
+if (responderLifetime_bytes)
+{
+new_attr_II->iResponderLifetimeKBytes = tmodif->iResponderLifetimeKBytes;
+DEBUG_LOG1(_L("Responder lifetime in bytes set to %d"), responderLifetime_bytes);
+}
 new_propII->iAttrList->AppendL(new_attr_II);
 CleanupStack::Pop();    //new_attrII safe
 j++;  // Next transform modifer
 i++;  // Next proposal
 //SKEYID=prf(pre_shared key, Ni_b | Nr_b);
 //data
 prf_data->Des().Copy(iNONCE_I.Ptr(),iNONCE_I.Length());
 prf_data->Des().Append(iNONCE_R.Ptr(),iNONCE_R.Length());
 DEBUG_LOG(_L("Pre-shared Key"));
-#ifdef _UNICODE
-HBufC8 *preshared_key_buf = HBufC8::NewLC(iHostData->iPresharedKey.iKey.Length());
+HBufC8 *preshared_key_buf = GetPskFromPolicyL();
-preshared_key_buf->Des().Copy(iHostData->iPresharedKey.iKey);
+CleanupStack::PushL(preshared_key_buf);
 TPtrC8 preshared_key_ptr(preshared_key_buf->Des());
-#else
-TPtrC8 preshared_key_ptr(iHostData->iPresharedKey.iKey);
-#endif
 ComputePRFL(iSKEYID, preshared_key_ptr, prf_data->Des());
-#ifdef _UNICODE
+CleanupStack::PopAndDestroy(preshared_key_buf);
-CleanupStack::PopAndDestroy();  //presharedkey_buf
-#endif
 }
 break;
 default://method not implemented
 DEBUG_LOG1(_L("ATTRIBUTES_NOT_SUPPORTED:Auth Method %d not supported "),iChosenProposal_I.iAttrList->iAuthMethod);
 SetErrorStatus( KKmdIkeNegotFailed );
 prop = iChosenProp_IIList->At(j);
 inboundspi_node = iInboundSPIList->At(j);
 attr_II = (TChosenAttrib_II *)prop->iAttrList->At(0);   //only 1 transform is chosen no matter how many there are
 if ((attr_II->iReducedLifeSecs.Length() != 0) || (attr_II->iReducedLifeKBytes.Length() != 0))   //Any lifetime to update
-aMsg.IsakmpResponderLifetime(prop->iProtocol, inboundspi_node.iSPI, attr_II->iReducedLifeSecs, attr_II->iReducedLifeKBytes);
+aMsg.IsakmpResponderLifetime(prop->iProtocol,
+inboundspi_node.iSPI,
+attr_II->iResponderLifetimeSecs,
+attr_II->iResponderLifetimeKBytes);
 }
 }
 ikev1SAData->iLastMsg = iLastMsg->AllocL();
 }
 }
 }
+HBufC8* CIkev1Negotiation::GetPskFromPolicyL()
+{
+ASSERT(iHostData);
+//
+// Get Preshared Key from IKE policy and return in to caller in
+// HBufc8.
+//
+HBufC8* psk = NULL;
+if ( iHostData->iPresharedKey.iFormat ==  STRING_KEY )
+{
+psk = HBufC8::NewL(iHostData->iPresharedKey.iKey.Length());
+psk->Des().Copy(iHostData->iPresharedKey.iKey);
+}
+else if ( iHostData->iPresharedKey.iFormat == HEX_KEY )
+{
+psk = HBufC8::NewL(iHostData->iPresharedKey.iKey.Length() / 2);
+for(TInt i = 0; i < iHostData->iPresharedKey.iKey.Length(); i += 2)
+{
+TPtrC hexByte(iHostData->iPresharedKey.iKey.Mid(i, 2));
+TLex lex(hexByte);
+TUint8 value;
+User::LeaveIfError(lex.Val(value, EHex));
+psk->Des().Append(&value, 1);
+}
+}
+return psk;
+}
+void CIkev1Negotiation::SetPhase2LifeDurations( const TInt64 aSoftAddTime,
+const TInt64 aHardAddTime,
+const TInt64 aSoftBytes,
+const TInt64 aHardBytes,
+TAttrib_II& aAttr_II,
+TBool aResponder )
+{
+TInt64 lifetime64 = aSoftAddTime;
+iHardLifetime = aHardAddTime;
+if ( lifetime64 == 0 ||
+aResponder )
+{
+lifetime64 = iHardLifetime;
+}
+TUint high = 0;
+TUint low = 0;
+if ( lifetime64 != 0 )
+{
+high = ByteOrder::Swap32(I64HIGH(lifetime64));
+if (high > 0)
+{
+aAttr_II.iLifeDurationSecs.Copy((TUint8 *)&high, sizeof(high));
+}
+low = ByteOrder::Swap32(I64LOW(lifetime64));
+aAttr_II.iLifeDurationSecs.Append((TUint8 *)&low, sizeof(low));
+}
+if ( aResponder )
+{
+// Set responder lifetime.
+lifetime64 = aSoftAddTime;
+if ( lifetime64 == 0 )
+{
+lifetime64 = iHardLifetime;
+}
+if ( lifetime64 != 0 )
+{
+high = ByteOrder::Swap32(I64HIGH(lifetime64));
+if (high > 0)
+{
+aAttr_II.iResponderLifetimeSecs.Copy((TUint8 *)&high, sizeof(high));
+}
+low = ByteOrder::Swap32(I64LOW(lifetime64));
+aAttr_II.iResponderLifetimeSecs.Append((TUint8 *)&low, sizeof(low));
+}
+}
+//Bytes lifetime
+lifetime64 = aSoftBytes;
+if ( lifetime64 == 0 ||
+aResponder )
+{
+lifetime64 = aHardBytes;
+}
+lifetime64 = (lifetime64/1024); //Bytes to KB
+if ( lifetime64 != 0 )
+{
+high = ByteOrder::Swap32(I64HIGH(lifetime64));
+if (high > 0)
+aAttr_II.iLifeDurationKBytes.Copy((TUint8 *)&high, sizeof(high));
+low = ByteOrder::Swap32(I64LOW(lifetime64));
+aAttr_II.iLifeDurationKBytes.Append((TUint8 *)&low, sizeof(low));
+}
+if ( aResponder )
+{
+// Set responder lifetime.
+if ( lifetime64 == 0 )
+{
+lifetime64 = iHardLifetime;
+}
+lifetime64 = (lifetime64/1024); //Bytes to KB
+if ( lifetime64 != 0 )
+{
+high = ByteOrder::Swap32(I64HIGH(lifetime64));
+if (high > 0)
+{
+aAttr_II.iResponderLifetimeKBytes.Copy((TUint8 *)&high, sizeof(high));
+}
+low = ByteOrder::Swap32(I64LOW(lifetime64));
+aAttr_II.iResponderLifetimeKBytes.Append((TUint8 *)&low, sizeof(low));
+}
+}
+}

branch	RCL_3
changeset 12	68dc8923de26
parent 2	ef893827b4d1
child 23	d1a0d37b52a1