FCL/sf/mw/vpnclient: comparison vpnengine/ikev1lib/src/ikev1trans.cpp

equal deleted inserted replaced

-:473321461bba
+:e06095241a65
 #include "ikev1payload.h"
 #include "ikev1timeout.h"
 #include "ikev1crack.h"
 #include "ikev1isakmpstream.h"
 #include "ikev1crypto.h"
+#include "credentialcache.h"
 const TUint8  XAUTH_VID_DATA[8] = {0x09, 0x00, 0x26, 0x89, 0xdf, 0xd6, 0xb7, 0x12};
 const TUint8  CISCO_UNITY_VID_DATA[16] = {0x12, 0xf5, 0xf2, 0x8c, 0x45, 0x71, 0x68, 0xa9,
 0x70, 0x2d, 0x9f, 0xe2, 0x74, 0xcc, 0x01, 0x00};
+const TInt KCredentialTypeUnknown = 0;
+const TInt KCredentialTypeNew     = 1;
+const TInt KCredentialTypeCached  = 2;
 CTransNegotiation::CTransNegotiation( TInt aGranularity,
 TBool aUseXauth,
 TBool aUseCfgMode,
 CIkev1PluginSession* aPluginSession,
 DEBUG_LOG(_L("Transaction exchange object deleted"));
 delete iInternalAddr;
 delete iDialog;
 delete iDialogInfo;
 	delete iUserName;
+	delete iCache;
 for ( TInt i = 0; i < Count(); i++ )
 {
 delete At(i);
 }
 }
 {
 if ( !iPluginSession || !iNegotiation || (!iUseXauth && !iUseCfgMode))
 {
 User::Leave(KErrArgument);
 }
-DEBUG_LOG(_L("Transaction exchange object constructed"));
 if ( !iUseXauth )
 {
 iXauthCompleted = ETrue;
 iNegotiation->iTimer->Cancel();  // Stop retransmission timer
 }
 else
 {
 if ( !iUseCfgMode )
 iCfgModeCompleted = ETrue;
 DEBUG_LOG(_L("Starting to Wait XAUTH request"));
 }
+if( EFalse != iPluginSession->IkeData().iUseCache )
+{
+iCache = CCredentialCache::NewL( iDebug );
+}
+DEBUG_LOG(_L("Transaction exchange object constructed"));
 }
 /**-------------------------------------------------------------------
 *
 * Method GetAuthMethod()
 	      //
 		  delete iUserName; // Delete old user name buffer for sure
 	      iUserName = HBufC8::New(aDialogInfo->iUsername->Length() + 16); // 16 bytes space for padding
 		  if ( iUserName ) {
 		     iUserName->Des().Copy(aDialogInfo->iUsername->Des());
 		  }
+		  if( iCache && KCredentialTypeNew == iCredentialType )
+		  {
+		      iCache->SetUserName( *aDialogInfo->iUsername );
+		  }
 }
 if ( aDialogInfo->iSecret ) {
 //
 // Add either password, passcode or next pin attribute.
 case (1 << (ATTR_NEXT_PIN - ATTR_XAUTH_TYPE)):
 AttrType = ATTR_NEXT_PIN;
 break;
 default:
+if( iCache && KCredentialTypeNew == iCredentialType )
+{
+iCache->SetSecret( *aDialogInfo->iSecret );
+}
 break;
+}
-}
 AddAttributeData(attr_ptr, AttrType, aDialogInfo->iSecret->Length(),
 (TUint8*)aDialogInfo->iSecret->Ptr());
 }
 BuildAndSendMessageL(attr_ptr, ISAKMP_CFG_REPLY);
 *
 *--------------------------------------------------------------------*/
 TInt CTransNegotiation::ProcessXauthRequestL(TDataISAKMP* aAttr, TInt aLth)
 {
 TInt     status        = TRANSACTION_CONTINUE;
+TUint16  xauth_type    = ATTR_XAUTH_GENERIC;
 TUint32  request_flags = 0;
 TPtr8    challenge(NULL, 0);
 	TUint16  attr_type;
 while ( aLth > 0 ) {
 case ( (1 << (ATTR_USER_NAME - ATTR_XAUTH_TYPE)) | (1 << (ATTR_PASSWORD - ATTR_XAUTH_TYPE))):
 //
 //  User name/Password authentication required
 //
-			iDialog     = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+			GetCredentialsL();
-iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
-iDialog->GetAsyncUNPWDialogL(iDialogInfo, (MIkeDialogComplete*)this);
 break;
 case ( (1 << (ATTR_USER_NAME - ATTR_XAUTH_TYPE)) | (1 << (ATTR_PASSCODE - ATTR_XAUTH_TYPE))):
 //
 //  User name/Secure ID authentication required
 			iDialog     = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
 			iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
 iDialog->GetAsyncSecureNextPinDialogL(iDialogInfo, (MIkeDialogComplete*)this);
 break;
+case ( (1 << (ATTR_CHALLENGE - ATTR_XAUTH_TYPE)) ):
+//
+//  User Challenge response dialog
+//
+if ( xauth_type == ATTR_XAUTH_RADIUS_CHAP )
+			{
+				iDialog     = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+				iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
+iDialog->GetAsyncRespDialog(challenge, iDialogInfo, (MIkeDialogComplete*)this);
+}
+break;
 default:
 break;
 }
 return status;
 }
 /**-------------------------------------------------------------------
 *
 * Method ProcessXauthStatus()
 TInt CTransNegotiation::ProcessXauthStatusL(TDataISAKMP* aAttr, TInt aLth)
 {
 TBuf8<16> attributes;
 TInt      status = TRANSACTION_CONTINUE;
 TInt16    attr_status;
 while ( aLth > 0 ) {
 aLth = aLth - aAttr->Size();
 if ( aLth < 0 ) {
 DEBUG_LOG(_L("XAUTH SET ERROR (Length mismatch in the attibutes)"));
+iCredentialType = KCredentialTypeUnknown;
 return TRANSACTION_FAILED;
 }
 switch ( aAttr->Type() ) {
 AddAttributeData(attributes, AttrType, 2, (TUint8*)&attr_status);
 BuildAndSendMessageL(attributes, ISAKMP_CFG_ACK);
 if ( status == TRANSACTION_SUCCESS ) {
 DEBUG_LOG(_L("XAUTH authentication succeeded!"));
 iXauthCompleted = ETrue;
+if( iCache && KCredentialTypeNew == iCredentialType )
+{
+iCache->Store( iPluginSession->VpnIapId() );
+}
 		  if ( iUserName ) {
-		     //
 		 // Cache user name into user name file
-			 //
 		     CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
 CleanupStack::PushL(Dialog);
 			 TInt err(KErrNone);
 			 TRAP(err, Dialog->StoreUserNameL(iUserName->Des()));
 #ifdef _DEBUG
 			 if (err == KErrNone)
 			     DEBUG_LOG(_L("User Name caching succeeded"));
 			 else DEBUG_LOG(_L("User Name caching failed"));
 #endif // _DEBUG
 			 CleanupStack::PopAndDestroy();
 		  }
 }
 else {
+if( iCache )
+{
+iCache->Clear();
+}
 DEBUG_LOG(_L("XAUTH authentication failed!"));
-	   // Dialog object shall be delete in Dialog->RunL when dialog completed
-CIkev1Dialog* Dialog  = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
-Dialog->ShowErrorDialogL(TVpnNoteDialog::EKmdAuthenticationFailed, NULL, NULL);
 }
 }
+iCredentialType = KCredentialTypeUnknown;
 return status;
 }
 /**--------------------------------------------------------------------------------
 *
 * -- DNS address(es) in secure network   = INTERNAL_IP4_DNS
 *
 *--------------------------------------------------------------------*/
 TInt CTransNegotiation::BuildConfigRequestL()
 {
 TBuf8<16> attributes;
 TUint32  message_id = iNegotiation->RandomMessageId();
 iCurrExchange = AddExchangeL(message_id, INITIATOR); //Add a new transaction exchange
 BuildAndSendMessageL(attributes, ISAKMP_CFG_REQUEST);
 DEBUG_LOG(_L("CONFIG-MODE started, request xmitted!"));
 return TRANSACTION_CONTINUE;
 }
 /**-------------------------------------------------------------------
 *
 * Method AddAttributeData()
 }
 //
 // The implementation for class MIkeDialogComplete virtual function
 //
-TInt CTransNegotiation::DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo,
+TInt CTransNegotiation::DialogCompleteL(
-								        HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain)
+TAny* aUserInfo, HBufC8* aUsername, HBufC8* aSecret)
 {
 /*---------------------------------------------------------------------------
 *
 *  A response received from client user (through asynchronous dialog)
 *  This method is introduced as a TUserCallback for CGetIKEPassword dialog
 *  entry
 *
 *-------------------------------------------------------------------------*/
 	TUint32 obj_id = 1;
 	CAuthDialogInfo* info = (CAuthDialogInfo*)aUserInfo;
-	DEBUG_LOG1(_L("CIKECRACKNegotiation::DialogCompleteL(), aUserInfo =  %x"), aUserInfo);
+	DEBUG_LOG1(_L("CTransNegotiation::DialogCompleteL(), aUserInfo=%x"), aUserInfo);
 	if ( info )
 	{
 		obj_id = info->GetObjId();
 		DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id);
 		if ( obj_id == XAUTH_DIALOG_ID )
 		{
-			info->iUsername = aUsername;
+			info->SetUserName( aUsername );
-			info->iSecret   = aSecret;
+			info->SetSecret( aSecret );
-			info->iDomain   = aDomain;
 			obj_id = info->PluginSession()->AuthDialogCompletedL(info);
 		}
 	}
 	return obj_id;
 }
+void CTransNegotiation::GetCredentialsL()
+{
+DEBUG_LOG( _L( "CTransNegotiation::GetCredentialsL" ) );
+TInt ret = KErrNotFound;
+delete iDialogInfo;  iDialogInfo = NULL;
+iDialogInfo = new (ELeave) CAuthDialogInfo(
+iPluginSession,
+XAUTH_DIALOG_ID,
+iNegotiation->SAId(),
+iCurrExchange->iMessageId );
+if( iCache && KCredentialTypeUnknown == iCredentialType )
+{
+ret = iCache->GetCredentials(
+iPluginSession->VpnIapId(),
+iDialogInfo->iUsername,
+iDialogInfo->iSecret
+);
+}
+if( KErrNone == ret )
+{
+iCredentialType = KCredentialTypeCached;
+TUint32 id = iPluginSession->AuthDialogCompletedL( iDialogInfo );
+}
+else
+{
+iCredentialType = KCredentialTypeNew;
+delete iDialog;  iDialog = NULL;
+iDialog = CIkev1Dialog::NewL(
+iPluginSession, iPluginSession->DialogAnchor(), iDebug );
+iDialog->GetAsyncUNPWDialogL( iDialogInfo, (MIkeDialogComplete*)this );
+}
+}
+/***/

branch	RCL_3
changeset 41	e06095241a65
parent 40	473321461bba
child 46	29c8f9bc68e1