Revision: 201019
authorDremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
Thu, 27 May 2010 13:53:35 +0300
changeset 24 8447e6f7e2f5
parent 21 5aacbb121f34
child 27 19c70b65c876
Revision: 201019 Kit: 2010121
vpnengine/ikev1lib/inc/ikev1crack.h
vpnengine/ikev1lib/inc/ikev1dialog.h
vpnengine/ikev1lib/inc/ikev1negotiation.h
vpnengine/ikev1lib/src/ikev1crack.cpp
vpnengine/ikev1lib/src/ikev1dialog.cpp
vpnengine/ikev1lib/src/ikev1negotiation.cpp
--- a/vpnengine/ikev1lib/inc/ikev1crack.h	Fri May 14 16:52:10 2010 +0300
+++ b/vpnengine/ikev1lib/inc/ikev1crack.h	Thu May 27 13:53:35 2010 +0300
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2005-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of "Eclipse Public License v1.0"
@@ -100,6 +100,7 @@
     TInt    GetDataL(HBufC8* aChallenge);
     TInt    GetDatafromUserL(HBufC8 *aChallenge);
     TInt    GetUNPWDFromPolicyL();
+    TInt    GetUNPWDFromNegotiationL();
     TInt    ProcessCHREAttibutesL(const TCHREISAKMP *aCHRE_PAYLOAD);
     void    SendCredentialsL(TUint16 aAttr1, TUint16 aAttr2, TUint16 aAttr3,
                              HBufC8* aBfr1, HBufC8* aBfr2, HBufC8* aBfr3);
--- a/vpnengine/ikev1lib/inc/ikev1dialog.h	Fri May 14 16:52:10 2010 +0300
+++ b/vpnengine/ikev1lib/inc/ikev1dialog.h	Thu May 27 13:53:35 2010 +0300
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2005-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of "Eclipse Public License v1.0"
@@ -82,7 +82,6 @@
     void ShowErrorDialogL(TInt aDialogType, TAny *aUserInfo, MIkeDialogComplete*  aCallback);
 	void StoreUserNameL(TPtr8 aUserName);
 	void StartDialogL();
-	TInt GetSyncUNPWCacheDialog(TDes& aUserName, TDes& aPassword);
 	
     static TInt GetSyncUNPWDialog(TDes& aUserName, TDes& aPassword);
     static void PurgeDialogQueue(CIkev1Dialog* aQueuedDialog);
--- a/vpnengine/ikev1lib/inc/ikev1negotiation.h	Fri May 14 16:52:10 2010 +0300
+++ b/vpnengine/ikev1lib/inc/ikev1negotiation.h	Thu May 27 13:53:35 2010 +0300
@@ -25,6 +25,8 @@
 #include "ikev1SAdata.h"
 #include "ikepolparser.h"
 #include "ipsecsaspiretriever.h"
+#include "ikev1dialog.h"
+
 
 #define INITIATOR   0
 #define RESPONDER   1
@@ -84,7 +86,8 @@
 //  Class CIkev1Negotiation: Contains all the info for each negotiation in progress
 //
 NONSHARABLE_CLASS(CIkev1Negotiation) : public CBase,
-                                       public MIpsecSaSpiRetrieverCallback
+                                       public MIpsecSaSpiRetrieverCallback,
+                                       public MIkeDialogComplete
     {
     friend class CIkev1InfoNegotiation;
     friend class TIkev1IsakmpStream;
@@ -173,6 +176,10 @@
     void IpsecSaSpiRetrieved(TUint32 aSpiRequestId, 
                              TInt aStatus, 
                              TUint32 aSpi);	
+    
+    TInt   ProcessUserResponseL(CAuthDialogInfo *aUserInfo);
+    TInt   DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo, HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain);
+
 	
 private:
 
@@ -536,6 +543,11 @@
 	CIpsecSaSpiRetriever* iIpsecSaSpiRetriever;
 	CPFKeySocketIf& iPFKeySocketIf;	
 	MIkeDebug& iDebug;
+	
+	HBufC8* iCRACKLAMUserName;
+	HBufC8* iCRACKLAMPassword;
+    CIkev1Dialog*      iDialog;      // Pending dialog object
+    CAuthDialogInfo*   iDialogInfo;  // Dialog info object
     };
 
 #endif // C_IKEV1NEGOTIATION_H
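Review bot: The four new members are raw owning pointers with no ownership comment, and the destructor hunk in ikev1negotiation.cpp releases only `iDialog` and `iDialogInfo`. Unless they are freed in a part of the destructor outside that hunk, `iCRACKLAMUserName` and `iCRACKLAMPassword` leak, with the user's plaintext credentials in them, whenever the negotiation is destroyed before GetUNPWDFromNegotiationL() consumes them. I would add `delete iCRACKLAMUserName;` and `delete iCRACKLAMPassword;` to the destructor and document the fields here, e.g. `// Owned. Credentials entered in the CRACK dialog; released once sent`. The class body starts outside this hunk.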
--- a/vpnengine/ikev1lib/src/ikev1crack.cpp	Fri May 14 16:52:10 2010 +0300
+++ b/vpnengine/ikev1lib/src/ikev1crack.cpp	Thu May 27 13:53:35 2010 +0300
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2005-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of "Eclipse Public License v1.0"
@@ -223,6 +223,14 @@
         {
         return GetUNPWDFromPolicyL();
         }
+    
+    else if ( iLAMType == CRACK_PASSWORD &&
+              iNegotiation->iCRACKLAMUserName &&
+              iNegotiation->iCRACKLAMPassword)
+        {
+        return GetUNPWDFromNegotiationL();
+        }
+    
     else
         {
         return GetDatafromUserL(aChallenge); 
@@ -297,6 +305,42 @@
     return CRACK_CONTINUE;
 }
 
+
+TInt CIKECRACKNegotiation::GetUNPWDFromNegotiationL()
+{
+    ASSERT(iLAMType == CRACK_PASSWORD);
+    
+    iNegotiation->iTimer->Cancel();   //Cancel previous timer because reply received & processed
+    DEBUG_LOG(_L("Timer Cancelled!"));
+    iNegotiation->iRetryNum = 0;
+
+    /*--------------------------------------------------------
+    *
+    *  Store attributes: User name, Secret, Domain
+    *
+    *--------------------------------------------------------*/
+
+    TUint16 attr1 = CRACK_T_USERNAME;
+    HBufC8* bfr1  = iNegotiation->iCRACKLAMUserName;
+    TUint16 attr2 = CRACK_T_SECRET;
+    HBufC8* bfr2  = iNegotiation->iCRACKLAMPassword;
+    HBufC8* bfr3  = iDomain;
+    TUint16 attr3 = 0;
+    if ( bfr3 )
+        {
+        attr3 = CRACK_T_DOMAIN;                  
+        }
+
+    SendCredentialsL(attr1, attr2, attr3, bfr1, bfr2, bfr3);
+
+    delete iNegotiation->iCRACKLAMUserName;
+    iNegotiation->iCRACKLAMUserName = NULL;
+    delete iNegotiation->iCRACKLAMPassword;
+    iNegotiation->iCRACKLAMPassword = NULL;
+    
+    return CRACK_CONTINUE;
+}
+
 void CIKECRACKNegotiation::SendCredentialsL(TUint16 aAttr1, TUint16 aAttr2, TUint16 aAttr3,
                                             HBufC8* aBfr1, HBufC8* aBfr2, HBufC8* aBfr3)
 {
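Review bot: The cached user name and password are released with a plain `delete` after `SendCredentialsL()`, so the plaintext stays readable in freed heap. If `SendCredentialsL()` leaves, the four clean-up lines are skipped altogether and the credentials stay attached to `iNegotiation`. Trapping the send, overwriting both buffers with `Des().FillZ()` before deleting them, and then re-raising the error covers both paths. This relies on SendCredentialsL() not keeping the buffer pointers after it returns, which the existing `delete` already assumes; its body lies outside the hunk. Both pointers are non-NULL here only because the caller in GetDataL() checks them first.

```cpp
    // … unchanged: ASSERT, timer cancel, attr1..attr3 / bfr1..bfr3 setup …
    TRAPD(err, SendCredentialsL(attr1, attr2, attr3, bfr1, bfr2, bfr3));

    // Release the cached credentials on the normal and the leave path alike,
    // overwriting them first so they do not linger in freed heap.
    iNegotiation->iCRACKLAMUserName->Des().FillZ();
    delete iNegotiation->iCRACKLAMUserName;
    iNegotiation->iCRACKLAMUserName = NULL;
    iNegotiation->iCRACKLAMPassword->Des().FillZ();
    delete iNegotiation->iCRACKLAMPassword;
    iNegotiation->iCRACKLAMPassword = NULL;

    User::LeaveIfError(err);
    return CRACK_CONTINUE;
```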
--- a/vpnengine/ikev1lib/src/ikev1dialog.cpp	Fri May 14 16:52:10 2010 +0300
+++ b/vpnengine/ikev1lib/src/ikev1dialog.cpp	Thu May 27 13:53:35 2010 +0300
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2005-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of "Eclipse Public License v1.0"
@@ -240,37 +240,6 @@
     return status;
 }
 
-/*--------------------------------------------------------------------
- *
- *  Get user name and password data for Legacy authentication
- *  This is a synchronous dialog which does NOT convert user name and
- *  password data into the 8-bit ASCII text
- *  Uses username cache
- *
- *---------------------------------------------------------------------*/
-TInt CIkev1Dialog::GetSyncUNPWCacheDialog(TDes& aUserName, TDes& aPassword)
-{
-    TInt status = KErrGeneral;
-    TIPSecDialogOutput output;
-
-    TIPSecDialogInfo dialog_input(TKMDDialog::EUserPwd, 0);
-    
-    iInputData = CreateDialogInput(dialog_input, ETrue);// TRUE = Use user name cache       
-    
-    TPckgBuf<TIPSecDialogOutput> ResponseBuf(output);//create the buf to receive the response
-
-    if ( iInputData )
-        status = LauchSyncDialog((TPckgBuf<TIPSecDialogInfo>&)*iInputData, ResponseBuf);
-    
-    if ( status == KErrNone ) {
-        TIPSecDialogOutput& resp = ResponseBuf();
-        aUserName = resp.iOutBuf;
-        aPassword = resp.iOutBuf2;      
-    }
-
-    return status;
-}
-
 void CIkev1Dialog::ShowErrorDialogL(TInt aDialogText, TAny *aUserInfo, MIkeDialogComplete*  aCallback )
 {
     iDialogType = TNoteDialog::EInfo;
--- a/vpnengine/ikev1lib/src/ikev1negotiation.cpp	Fri May 14 16:52:10 2010 +0300
+++ b/vpnengine/ikev1lib/src/ikev1negotiation.cpp	Thu May 27 13:53:35 2010 +0300
@@ -217,6 +217,9 @@
     delete iNatDiscovery;
 	delete iSARekeyInfo;
 	delete iLastMsg;
+
+	delete iDialog;
+    delete iDialogInfo;
 }
 
 
@@ -1073,24 +1076,28 @@
     else 
     {
        if ( iCRACKneg )
+       {
             status = iCRACKneg->ProcessUserResponseL(aUserInfo);       
-       else status = CRACK_FAILED;
-
-       if ( status == CRACK_FAILED ) 
-       {
-         /*--------------------------------------------------------
-          *
-          *  Crack negotiation failed. Negotiation shall be deleted
-          *
-          *--------------------------------------------------------*/
-		  LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
-		                 R_VPN_MSG_VPN_GW_AUTH_FAIL,
-		                 status,
-		                 iPluginSession->VpnIapId(),
-		                 &iRemoteAddr );		   
-		  SetErrorStatus(KKmdIkeAuthFailedErr);		  
-          AcquireSAErrorResponse(KKmdIkeAuthFailedErr);
-       }      
+
+           if ( status == CRACK_FAILED ) 
+           {
+             /*--------------------------------------------------------
+              *
+              *  Crack negotiation failed. Negotiation shall be deleted
+              *
+              *--------------------------------------------------------*/
+              LOG_KMD_EVENT( MKmdEventLoggerIf::KLogError,
+                             R_VPN_MSG_VPN_GW_AUTH_FAIL,
+                             status,
+                             iPluginSession->VpnIapId(),
+                             &iRemoteAddr );		   
+              SetErrorStatus(KKmdIkeAuthFailedErr);		  
+              AcquireSAErrorResponse(KKmdIkeAuthFailedErr);
+           }
+       }
+       else 
+           status = ProcessUserResponseL(aUserInfo);;
+           
     }
 }
 
@@ -1266,6 +1273,19 @@
 //Sends the initial IKE packets to start the negotiation. PHASE I
 void CIkev1Negotiation::InitNegotiationL()   //Equiv. to stage 1
 {
+    
+    if (iProposal_I.iAttrList->iAuthMethod == IKE_A_CRACK &&
+        !iHostData->iCRACKLAMUserName && 
+        !iHostData->iCRACKLAMPassword &&
+        !iCRACKLAMUserName && 
+        !iCRACKLAMPassword)
+        {
+            
+            iDialog     = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug );
+            iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, SAId(), 0);
+            iDialog->GetAsyncUNPWDialogL(iDialogInfo, (MIkeDialogComplete*)this);
+            return;
+    }
     TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) );
 	
     TInt  vendor_id_type;
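Review bot: The new guard at the top of InitNegotiationL() tests only `iProposal_I.iAttrList->iAuthMethod`, which appears to be the first transform, whereas the block this commit removes further down set `crack_used` from inside the loop over `iNumTransforms`. If a proposal can list IKE_A_CRACK in a later transform, the credentials prompt is no longer shown for it, so either confirm that CRACK is always first or walk the list here as well. The guard also assigns `iDialog` and `iDialogInfo` without deleting any previous value, which would leak if InitNegotiationL() is entered again while a dialog is still pending. The cast in `(MIkeDialogComplete*)this` is unnecessary now that the class derives from that interface. The function body continues outside the hunk.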
@@ -1308,7 +1328,6 @@
 
     TBool cert_required = EFalse;   //If any proposal requires a cert to send a CR if needed
     TBool preshared_key = EFalse;   //Preshared key authentication        
-    TBool crack_used = EFalse;
     
     TAttrib *transf = iProposal_I.iAttrList;
     for (TInt i=0; (i < iProposal_I.iNumTransforms) && (!cert_required); i++)
@@ -1321,7 +1340,6 @@
             break;
         case IKE_A_CRACK:           
             cert_required = ETrue;
-            crack_used = ETrue;
             break;
         default:    // No cert involved
             preshared_key = ETrue;
@@ -1329,24 +1347,6 @@
         }
     }
     
-    if (crack_used &&
-        !iHostData->iCRACKLAMUserName && 
-        !iHostData->iCRACKLAMPassword)
-        {
-        TBuf<256> UserName;
-        TBuf<64> Password;
-        CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);                     
-        if (KErrNone != Dialog->GetSyncUNPWCacheDialog(UserName, Password))
-            {
-            DEBUG_LOG(_L("Failed to get credentials for crack auth!"));
-            SetFinished();
-            delete Dialog;
-            return;
-            }
-        iHostData->iCRACKLAMUserName = TStringData::NewL(UserName);
-        iHostData->iCRACKLAMPassword = TStringData::NewL(Password);
-        delete Dialog;
-    }
 
     if (iExchange == ISAKMP_EXCHANGE_AGGR) //Aggressive contains more payloads
     {
@@ -8393,4 +8393,55 @@
         }    
 }
 
-
+TInt CIkev1Negotiation::ProcessUserResponseL(CAuthDialogInfo *aDialogInfo )
+{
+    delete iDialog;  /* delete dialog object */
+    iDialog = NULL;
+    
+    iCRACKLAMUserName = aDialogInfo->iUsername->AllocL();
+    iCRACKLAMPassword = aDialogInfo->iSecret->AllocL();
+    
+    delete aDialogInfo;  /* release dialog info object */
+    iDialogInfo = NULL;  /* reset dialog info pointer  */
+    DEBUG_LOG(_L("Continue negotiation from begining"));
+    InitNegotiationL();
+    
+    return KErrNone;
+
+}
+//
+// The implementation for class MIkeDialogComplete virtual function
+//
+TInt CIkev1Negotiation::DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo,
+                                            HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain)
+{
+/*---------------------------------------------------------------------------
+ *  
+ *  A response received from client user (through asynchronous dialog)
+ *  This method is introduced as a TUserCallback for CGetIKEPassword dialog
+ *  object is created. When the dialog is completed this callback function
+ *  is called 
+ *  
+ *-------------------------------------------------------------------------*/
+    TUint32 obj_id = 1;
+     CAuthDialogInfo* info = (CAuthDialogInfo*)aUserInfo;
+     DEBUG_LOG1(_L("CIkev1Negotiation::DialogCompleteL(), aUserInfo =  %x"), aUserInfo);
+             
+     if ( info )
+     {
+        obj_id = info->GetObjId();
+        DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id);
+        if ( obj_id == DIALOG_INFO_ID )
+        {
+           info->iUsername = aUsername;
+           info->iSecret   = aSecret;
+           info->iDomain   = aDomain;
+           obj_id = info->PluginSession()->AuthDialogCompletedL(info);
+        }   
+     }
+
+     return obj_id;
+    
+}
+
+
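Review bot: ProcessUserResponseL() dereferences `aDialogInfo->iUsername` and `aDialogInfo->iSecret` unconditionally, but DialogCompleteL() stores whatever `aUsername`/`aSecret` it was handed, and those are presumably NULL when the user cancels the prompt. The synchronous code this commit removes ended the negotiation with `SetFinished()` when the dialog failed, and the asynchronous path has no equivalent. A guard such as `if ( !aDialogInfo->iUsername || !aDialogInfo->iSecret ) { SetFinished(); return KErrCancel; }` before the two `AllocL()` calls would restore that behaviour; the exact status to return is for the author to choose. It would also be safer to check `aDialogInfo == iDialogInfo` before `delete aDialogInfo`, since the dispatch hunk above now routes every response that arrives without `iCRACKneg` into this function. That dispatch line also carries a stray `;;`.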