--- a/vpnengine/ikev1lib/src/ikev1trans.cpp Tue Aug 31 16:14:16 2010 +0300
+++ b/vpnengine/ikev1lib/src/ikev1trans.cpp Wed Sep 01 12:23:21 2010 +0100
@@ -36,11 +36,17 @@
#include "ikev1crack.h"
#include "ikev1isakmpstream.h"
#include "ikev1crypto.h"
+#include "credentialcache.h"
+
const TUint8 XAUTH_VID_DATA[8] = {0x09, 0x00, 0x26, 0x89, 0xdf, 0xd6, 0xb7, 0x12};
const TUint8 CISCO_UNITY_VID_DATA[16] = {0x12, 0xf5, 0xf2, 0x8c, 0x45, 0x71, 0x68, 0xa9,
0x70, 0x2d, 0x9f, 0xe2, 0x74, 0xcc, 0x01, 0x00};
+const TInt KCredentialTypeUnknown = 0;
+const TInt KCredentialTypeNew = 1;
+const TInt KCredentialTypeCached = 2;
+
CTransNegotiation::CTransNegotiation( TInt aGranularity,
TBool aUseXauth,
@@ -93,8 +99,9 @@
delete iInternalAddr;
delete iDialog;
delete iDialogInfo;
- delete iUserName;
-
+ delete iUserName;
+ delete iCache;
+
for ( TInt i = 0; i < Count(); i++ )
{
delete At(i);
@@ -114,8 +121,7 @@
{
User::Leave(KErrArgument);
}
-
- DEBUG_LOG(_L("Transaction exchange object constructed"));
+
if ( !iUseXauth )
{
iXauthCompleted = ETrue;
@@ -126,7 +132,14 @@
if ( !iUseCfgMode )
iCfgModeCompleted = ETrue;
DEBUG_LOG(_L("Starting to Wait XAUTH request"));
- }
+ }
+
+ if( EFalse != iPluginSession->IkeData().iUseCache )
+ {
+ iCache = CCredentialCache::NewL( iDebug );
+ }
+
+ DEBUG_LOG(_L("Transaction exchange object constructed"));
}
/**-------------------------------------------------------------------
@@ -283,7 +296,12 @@
iUserName = HBufC8::New(aDialogInfo->iUsername->Length() + 16); // 16 bytes space for padding
if ( iUserName ) {
iUserName->Des().Copy(aDialogInfo->iUsername->Des());
- }
+ }
+
+ if( iCache && KCredentialTypeNew == iCredentialType )
+ {
+ iCache->SetUserName( *aDialogInfo->iUsername );
+ }
}
if ( aDialogInfo->iSecret ) {
@@ -308,9 +326,12 @@
break;
default:
+ if( iCache && KCredentialTypeNew == iCredentialType )
+ {
+ iCache->SetSecret( *aDialogInfo->iSecret );
+ }
break;
-
- }
+ }
AddAttributeData(attr_ptr, AttrType, aDialogInfo->iSecret->Length(),
(TUint8*)aDialogInfo->iSecret->Ptr());
}
@@ -675,6 +696,7 @@
TInt CTransNegotiation::ProcessXauthRequestL(TDataISAKMP* aAttr, TInt aLth)
{
TInt status = TRANSACTION_CONTINUE;
+ TUint16 xauth_type = ATTR_XAUTH_GENERIC;
TUint32 request_flags = 0;
TPtr8 challenge(NULL, 0);
TUint16 attr_type;
@@ -799,9 +821,7 @@
//
// User name/Password authentication required
//
- iDialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
- iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
- iDialog->GetAsyncUNPWDialogL(iDialogInfo, (MIkeDialogComplete*)this);
+ GetCredentialsL();
break;
case ( (1 << (ATTR_USER_NAME - ATTR_XAUTH_TYPE)) | (1 << (ATTR_PASSCODE - ATTR_XAUTH_TYPE))):
@@ -822,13 +842,24 @@
iDialog->GetAsyncSecureNextPinDialogL(iDialogInfo, (MIkeDialogComplete*)this);
break;
+ case ( (1 << (ATTR_CHALLENGE - ATTR_XAUTH_TYPE)) ):
+ //
+ // User Challenge response dialog
+ //
+ if ( xauth_type == ATTR_XAUTH_RADIUS_CHAP )
+ {
+ iDialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
+ iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, XAUTH_DIALOG_ID, iNegotiation->SAId(), iCurrExchange->iMessageId);
+ iDialog->GetAsyncRespDialog(challenge, iDialogInfo, (MIkeDialogComplete*)this);
+ }
+ break;
+
default:
break;
}
return status;
-
}
/**-------------------------------------------------------------------
@@ -843,12 +874,13 @@
TBuf8<16> attributes;
TInt status = TRANSACTION_CONTINUE;
TInt16 attr_status;
-
+
while ( aLth > 0 ) {
aLth = aLth - aAttr->Size();
if ( aLth < 0 ) {
DEBUG_LOG(_L("XAUTH SET ERROR (Length mismatch in the attibutes)"));
+ iCredentialType = KCredentialTypeUnknown;
return TRANSACTION_FAILED;
}
@@ -888,14 +920,19 @@
if ( status == TRANSACTION_SUCCESS ) {
DEBUG_LOG(_L("XAUTH authentication succeeded!"));
iXauthCompleted = ETrue;
+
+ if( iCache && KCredentialTypeNew == iCredentialType )
+ {
+ iCache->Store( iPluginSession->VpnIapId() );
+ }
+
if ( iUserName ) {
- //
// Cache user name into user name file
- //
CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
CleanupStack::PushL(Dialog);
TInt err(KErrNone);
TRAP(err, Dialog->StoreUserNameL(iUserName->Des()));
+
#ifdef _DEBUG
if (err == KErrNone)
DEBUG_LOG(_L("User Name caching succeeded"));
@@ -905,13 +942,16 @@
}
}
else {
+ if( iCache )
+ {
+ iCache->Clear();
+ }
DEBUG_LOG(_L("XAUTH authentication failed!"));
- // Dialog object shall be delete in Dialog->RunL when dialog completed
- CIkev1Dialog* Dialog = CIkev1Dialog::NewL(iPluginSession, iPluginSession->DialogAnchor(), iDebug);
- Dialog->ShowErrorDialogL(TVpnNoteDialog::EKmdAuthenticationFailed, NULL, NULL);
}
}
-
+
+ iCredentialType = KCredentialTypeUnknown;
+
return status;
}
@@ -967,7 +1007,6 @@
*--------------------------------------------------------------------*/
TInt CTransNegotiation::BuildConfigRequestL()
{
-
TBuf8<16> attributes;
TUint32 message_id = iNegotiation->RandomMessageId();
@@ -985,8 +1024,6 @@
DEBUG_LOG(_L("CONFIG-MODE started, request xmitted!"));
return TRANSACTION_CONTINUE;
-
-
}
/**-------------------------------------------------------------------
@@ -1101,8 +1138,8 @@
//
// The implementation for class MIkeDialogComplete virtual function
//
-TInt CTransNegotiation::DialogCompleteL(CIkev1Dialog* /*aDialog*/, TAny* aUserInfo,
- HBufC8* aUsername, HBufC8* aSecret, HBufC8* aDomain)
+TInt CTransNegotiation::DialogCompleteL(
+ TAny* aUserInfo, HBufC8* aUsername, HBufC8* aSecret)
{
/*---------------------------------------------------------------------------
*
@@ -1116,7 +1153,7 @@
*-------------------------------------------------------------------------*/
TUint32 obj_id = 1;
CAuthDialogInfo* info = (CAuthDialogInfo*)aUserInfo;
- DEBUG_LOG1(_L("CIKECRACKNegotiation::DialogCompleteL(), aUserInfo = %x"), aUserInfo);
+ DEBUG_LOG1(_L("CTransNegotiation::DialogCompleteL(), aUserInfo=%x"), aUserInfo);
if ( info )
{
@@ -1124,12 +1161,56 @@
DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id);
if ( obj_id == XAUTH_DIALOG_ID )
{
- info->iUsername = aUsername;
- info->iSecret = aSecret;
- info->iDomain = aDomain;
+ info->SetUserName( aUsername );
+ info->SetSecret( aSecret );
obj_id = info->PluginSession()->AuthDialogCompletedL(info);
- }
+ }
}
return obj_id;
}
+
+
+void CTransNegotiation::GetCredentialsL()
+{
+ DEBUG_LOG( _L( "CTransNegotiation::GetCredentialsL" ) );
+
+ TInt ret = KErrNotFound;
+
+ delete iDialogInfo; iDialogInfo = NULL;
+
+ iDialogInfo = new (ELeave) CAuthDialogInfo(
+ iPluginSession,
+ XAUTH_DIALOG_ID,
+ iNegotiation->SAId(),
+ iCurrExchange->iMessageId );
+
+ if( iCache && KCredentialTypeUnknown == iCredentialType )
+ {
+ ret = iCache->GetCredentials(
+ iPluginSession->VpnIapId(),
+ iDialogInfo->iUsername,
+ iDialogInfo->iSecret
+ );
+ }
+
+ if( KErrNone == ret )
+ {
+ iCredentialType = KCredentialTypeCached;
+ TUint32 id = iPluginSession->AuthDialogCompletedL( iDialogInfo );
+ }
+ else
+ {
+ iCredentialType = KCredentialTypeNew;
+
+ delete iDialog; iDialog = NULL;
+
+ iDialog = CIkev1Dialog::NewL(
+ iPluginSession, iPluginSession->DialogAnchor(), iDebug );
+
+ iDialog->GetAsyncUNPWDialogL( iDialogInfo, (MIkeDialogComplete*)this );
+ }
+}
+
+
+/***/