EXPORT_C void CPKCS12Handler::SaveSecurityObjectsToDiskL(const TDesC8& aData,
const TDesC& aPwd,
const TDesC& aDir)
{
LOG_("-> CPKCS12Handler::SaveSecurityObjectsToDiskL()");
if (iOutputDir)
{
delete iOutputDir;
iOutputDir = NULL;
}
// Output dir needs to end with backslash
iOutputDir = aDir.AllocL();
LOG_1(" Using output dir: '%S'", iOutputDir);
ExtractSecurityObjectsL(aData, aPwd);
// Save CA/user certificates to disk
SaveCertificatesToDiskL();
// Save private keys to disk
SaveKeysToDiskL();
LOG_("<- CPKCS12Handler::SaveSecurityObjectsToDiskL()");
}
void CPolicyImporter::ParseIkeDataL()
{
LOG_("-> CPolicyImporter::ParseIkeDataL()");
HBufC* polFile = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KPolFileExt);
if (!iFileUtil.FileExists(*polFile))
{
LOG_("<- CPolicyImporter::ParseIkeDataL() LEAVE (KVpnErrNoPolicyFile)");
User::Leave(KVpnErrNoPolicyFile);
}
HBufC8* fileData = iFileUtil.LoadFileDataL(*polFile);
CleanupStack::PushL(fileData);
HBufC* fileData16 = HBufC::NewLC(fileData->Length());
fileData16->Des().Copy(*fileData);
delete iCurrIkeDataArray;
iCurrIkeDataArray = NULL;
iCurrIkeDataArray = CIkeDataArray::NewL(1);
TIkeParser* ikeParser = new (ELeave) TIkeParser(*fileData16);
CleanupStack::PushL(ikeParser);
ikeParser->ParseIKESectionsL(iCurrIkeDataArray);
CleanupStack::PopAndDestroy(4); // ikeParser, fileData16, fileData, polFile
LOG_("<- CPolicyImporter::ParseIkeDataL()");
}
void CPKCS12Handler::AttachCertificateL(CX509Certificate* aCert,
const TPKIKeyIdentifier& aKeyId)
{
LOG_("-> CPKCS12Handler::AttachCertificateL()");
TRequestStatus requestStatus;
TAny* resArray(NULL);
// Perform asynchronous PKI operation synchronously
iPkiService->AttachCertificateL(aKeyId, DEFAULT_KEY_LEN, EPKIRSA,
aCert->Encoding(), &resArray,
requestStatus);
User::WaitForRequest(requestStatus);
iPkiService->Finalize(resArray);
// Check for operation status
TInt status = requestStatus.Int();
if (status != KErrNone)
{
LOG_1("<- CPKCS12Handler::AttachCertificateL() LEAVE: %d", status);
User::Leave(status);
}
LOG_("<- CPKCS12Handler::AttachCertificateL() OK");
}
static inline int xlog_helper(struct sip_msg* msg, xl_msg_t *xm,
int level, int line, int facility)
{
str txt;
txt.len = buf_size;
if(xl_print_log(msg, xm->m, _xlog_buf, &txt.len)<0)
return -1;
txt.s = _xlog_buf;
/* if facility is not explicitely defined use the xlog default facility */
if (facility==NOFACILITY) {
facility = xlog_facility;
}
if(line>0)
if(long_format==1)
LOG_(facility, level, _xlog_prefix,
"%s:%d:%.*s",
(xm->a)?(((xm->a->cfile)?xm->a->cfile:"")):"",
(xm->a)?xm->a->cline:0, txt.len, txt.s);
else
LOG_(facility, level, _xlog_prefix,
"%d:%.*s", (xm->a)?xm->a->cline:0, txt.len, txt.s);
else
LOG_(facility, level, _xlog_prefix,
"%.*s", txt.len, txt.s);
return 1;
}
static void switch_channel(const char *dev, int channel)
{
struct iwreq wrq;
int sock = socket(PF_INET, SOCK_DGRAM, 0);
if (sock < 0)
{
LOG_("socket failed. %d, %s", errno, strerror(errno));
return;
}
memset(&wrq, 0, sizeof(struct iwreq));
strncpy(wrq.ifr_name, dev, IFNAMSIZ);
wrq.u.freq.m = (double) channel;
wrq.u.freq.e = (double) 0;
if(ioctl(sock, SIOCSIWFREQ, &wrq) < 0)
{
usleep(10000); /* madwifi needs a second chance */
if(ioctl(sock, SIOCSIWFREQ, &wrq) < 0)
{
LOG_("change channel to %d failed. %d, %s", channel, errno, strerror(errno));
}
else
{
LOG_("retry to change channel to %d ok", channel);
}
}
else
{
LOG_("change channel to %d ok", channel);
}
close(sock);
}
void CPolicyImporter::StateImportUserPrivKeyL()
{
LOG_("CPolicyImporter::StateImportUserPrivKeyL() entry");
SetCurrState(EStateImportUserPrivKey);
iCurrUserPrivKeyIndex++;
if (iCurrUserPrivKeyIndex == iCurrUserPrivKeyList->Count())
{
GotoState(EStateImportPinAndPol);
LOG_("CPolicyImporter::StateImportUserPrivKeyL() exit (all keys imported)");
return;
}
delete iKeyFileData;
iKeyFileData = NULL;
iKeyFileData = iFileUtil.LoadFileDataL(iCurrUserPrivKeyList->At(iCurrUserPrivKeyIndex));
CIkeData* data = iCurrIkeDataArray->At(iCurrIkeDataIndex);
TPkiServiceStoreType storeType = GetStoreTypeL(data);
iPkiService.SetStoreType(storeType);
iPkiService.StoreKeypair(iCurrKeyId, *iKeyFileData, iStatus);
SetNextState(EStateAfterImportUserPrivKey);
SetActive();
LOG_("CPolicyImporter::StateImportUserPrivKeyL() exit");
}
TPkiServiceStoreType CPolicyImporter::GetStoreTypeL(CIkeData* aData)
{
TPkiServiceStoreType ret(EPkiStoreTypeAny);
if (aData->iClientCertType)
{
HBufC8* storename = aData->iClientCertType->GetAsciiDataL();
CleanupStack::PushL(storename);
LOG(Log::Printf(_L8("CPolicyImporter::BuildPeerCertListL() Store type defined in policy: %S\n"), &(*storename)));
if (storename->Compare(_L8("DEVICE")) == 0)
{
LOG_("CPolicyImporter::BuildPeerCertListL() Policy uses DEVICE store\n");
ret = EPkiStoreTypeDevice;
}
else
{
LOG_("CPolicyImporter::BuildPeerCertListL() Policy uses USER store\n");
ret = EPkiStoreTypeUser;
}
CleanupStack::PopAndDestroy(storename);
}
else
{
LOG_("CPolicyImporter::GetStoreType() No store type specified in policy");
}
return ret;
}
void CPolicyImporter::StateImportPeerCertL()
{
LOG_("CPolicyImporter::StateImportOtherCaCertL() entry");
SetCurrState(EStateImportPeerCert);
iCurrOtherCaCertIndex++;
if (iCurrOtherCaCertIndex == iCurrOtherCaCertList->Count())
{
GotoState(EStateImportUserPrivKey);
LOG_("CPolicyImporter::StateImportOtherCaCertL() exit (all intermediate CAs imported)");
return;
}
delete iCertFileData;
iCertFileData = NULL;
iCertFileData = iFileUtil.LoadFileDataL(iCurrOtherCaCertList->At(iCurrOtherCaCertIndex));
CIkeData* data = iCurrIkeDataArray->At(iCurrIkeDataIndex);
TPkiServiceStoreType storeType = GetStoreTypeL(data);
iPkiService.SetStoreType(storeType);
iPkiService.StoreCertificateL(EPKICACertificate, KDefaultKeySize, EPKIRSA, *iCertFileData,
&iPkiOpContext, iStatus);
SetNextState(EStateAfterImportPeerCert);
SetActive();
LOG_("CPolicyImporter::StateImportOtherCACertL() exit");
}
void CPolicyImporter::StateImportCaCertL()
{
LOG_("CPolicyImporter::StateImportCaCertL() entry");
SetCurrState(EStateImportCaCert);
iCurrCaCertIndex++;
if (iCurrCaCertIndex == iCurrCaCertList->Count())
{
GotoState(EStateImportPeerCert);
LOG_("CPolicyImporter::StateImportCaCertL() exit (all CA certs imported)");
return;
}
delete iCertFileData;
iCertFileData = NULL;
iCertFileData = iFileUtil.LoadFileDataL(iCurrCaCertList->At(iCurrCaCertIndex));
iPkiService.StoreCertificateL(EPKICACertificate, KDefaultKeySize, EPKIRSA, *iCertFileData,
&iPkiOpContext, iStatus);
SetNextState(EStateAfterImportCaCert);
SetActive();
LOG_("CPolicyImporter::StateImportCaCertL() exit");
}
void CPolicyImporter::DoImportPolicyL(const TDesC& aDir)
{
LOG_("-> CPolicyImporter::DoImportPolicyL()");
iImportDir.Copy(aDir);
iCurrPolicyIdIndex = -1;
BuildPolicyIdListL();
if (iPolicyIdList->Count() == 0)
{
ImportComplete(KErrNone);
return;
}
if (iImportSinglePolicy && iPolicyIdList->Count() != 1)
{
// We're supposed to import a single policy
// only but the import directory contains
// multiple policies...
ImportComplete(KErrArgument);
return;
}
// All is well, so begin import
GotoState(EStateBeginPolicyImport);
LOG_("<- CPolicyImporter::DoImportPolicyL()");
}
EXPORT_C CPKCS12Handler* CPKCS12Handler::NewL()
{
LOG_("-> CPKCS12Handler::NewL(empty)");
CPKCS12Handler* self = NewLC();
CleanupStack::Pop(self);
LOG_("<- CPKCS12Handler::NewL(empty)");
return self;
}
void CPolicyImporter::ImportPolicyL(const TDesC& aDir)
{
LOG_("-> CPolicyImporter::ImportPolicyL()");
iImportSinglePolicy = EFalse;
iNewPolicyId = &iPolicyId;
DoImportPolicyL(aDir);
LOG_("<- CPolicyImporter::ImportPolicyL()");
}
EXPORT_C CPKCS12Handler* CPKCS12Handler::NewL(RPKIServiceAPI& aPkiServiceApi)
{
LOG_("-> CPKCS12Handler::NewL()");
CPKCS12Handler* self = NewLC(aPkiServiceApi);
CleanupStack::Pop(self);
LOG_("<- CPKCS12Handler::NewL()");
return self;
}
void CPolicyImporter::ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId)
{
LOG_("-> CPolicyImporter::ImportSinglePolicyL()");
iImportSinglePolicy = ETrue;
iNewPolicyId = &aNewPolicyId;
DoImportPolicyL(aDir);
LOG_("<- CPolicyImporter::ImportSinglePolicyL()");
}
EXPORT_C CPKCS12Handler* CPKCS12Handler::NewLC(RPKIServiceAPI& aPkiServiceApi)
{
LOG_("-> CPKCS12Handler::NewLC()");
CPKCS12Handler* self = new (ELeave) CPKCS12Handler(aPkiServiceApi);
CleanupStack::PushL(self);
self->ConstructL();
LOG_("<- CPKCS12Handler::NewLC()");
return self;
}
EXPORT_C CPKCS12Handler* CPKCS12Handler::NewLC()
{
LOG_("-> CPKCS12Handler::NewLC(empty)");
CPKCS12Handler* self = new (ELeave) CPKCS12Handler();
CleanupStack::PushL(self);
self->ConstructL();
LOG_("<- CPKCS12Handler::NewLC(empty)");
return self;
}
void CPolicyImporter::BuildUserPrivKeyAndUserCertListL()
{
LOG_("-> CPolicyImporter::BuildUserPrivKeyAndUserCertListL()");
delete iCurrUserPrivKeyList;
iCurrUserPrivKeyList = NULL;
iCurrUserPrivKeyList = new (ELeave) CArrayFixFlat<TFileName>(2);
delete iCurrUserCertList;
iCurrUserCertList = NULL;
iCurrUserCertList = new (ELeave) CArrayFixFlat<TFileName>(2);
TFileName *fileName = new (ELeave) TFileName;
CleanupStack::PushL(fileName);
for (TInt i = 0; i < iCurrIkeDataArray->Count(); i++)
{
CIkeData* ikeData = iCurrIkeDataArray->At(i);
fileName->Zero();
if (ikeData->iOwnCert.iData.Length() > 0 &&
ikeData->iOwnCert.iFormat == BIN_CERT)
{
//First check that defined user cert is found and if so
//add the file name to the list
*fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iOwnCert.iData);
if (!iFileUtil.FileExists(*fileName))
{
User::Leave(KVpnErrInvalidUserCertFile);
}
AppendIfNotFoundL( iCurrUserCertList, fileName );
//After the user cert is found check that the assosiated private key
//is found.
if (ikeData->iPrivKey.iData.Length() > 0 &&
ikeData->iPrivKey.iFormat == BIN_CERT)
{
fileName->Zero();
*fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iPrivKey.iData);
if (!iFileUtil.FileExists(*fileName))
{
User::Leave(KVpnErrInvalidUserPrivKeyFile);
}
AppendIfNotFoundL( iCurrUserPrivKeyList, fileName );
}
else
{
User::Leave(KVpnErrInvalidPolicyFile);
}
}
}
CleanupStack::PopAndDestroy(); //fileName
LOG_("<- CPolicyImporter::BuildUserPrivKeyAndUserCertListL()");
}
/**
* Instantiate S60 PKCS#12 handler upon construction.
*/
void CPKCS12Handler::ConstructL()
{
LOG_("-> CPKCS12Handler::ConstructL()");
iPkcsHandler = PKCS12Factory::CreateL();
User::LeaveIfError(iNotifier.Connect());
User::LeaveIfError(iFs.Connect());
LOG_("<- CPKCS12Handler::ConstructL() OK");
}
void CPKCS12Handler::StoreCertificatesL()
{
LOG_("-> CPKCS12Handler::StoreCertificatesL()");
TInt certCount = iCACerts->Count();
for (TInt i = 0; i < certCount; i++)
{
CX509Certificate* cert = iCACerts->At(i);
StoreCertificateL(cert);
}
LOG_("<- CPKCS12Handler::StoreCertificatesL() OK");
}
CPolicyImporter* CPolicyImporter::NewL(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant,
CPolicyStore& aPolicyStore, RFs& aFs)
{
LOG_("-> CPolicyImporter::NewL()");
CPolicyImporter* self = new (ELeave) CPolicyImporter(aStatus, aVpnApiServant, aPolicyStore, aFs);
CleanupStack::PushL(self);
self->ConstructL();
CleanupStack::Pop(); // self
LOG_("<- CPolicyImporter::NewL()");
return self;
}
/**---------------------------------------------------------
*
* ~CPKISession(void)
*
*----------------------------------------------------------*/
CPKISession::~CPKISession(void)
{
LOG_("-> CPKISession::~CPKISession()");
delete iKeyList;
delete iWrapper;
iUidArray.Close();
iServer.SessionDeleted();
LOG_("<- CPKISession::~CPKISession()");
}
/**
* Release resources.
* Note: CPKCS12Handler's parent owns the RPKIServiceAPI instance
*/
EXPORT_C CPKCS12Handler::~CPKCS12Handler()
{
LOG_("-> CPKCS12Handler::~CPKCS12Handler()");
iPkcsHandler->Release();
iNotifier.Close();
delete iPassword;
delete iOutputDir;
iFileOut.Close();
iFs.Close();
LOG_("<- CPKCS12Handler::~CPKCS12Handler()");
}
void CPKCS12Handler::StoreKeyPairsL()
{
LOG_("-> CPKCS12Handler::StoreKeyPairsL()");
TInt keycount = iPrivKeys->Count();
for (TInt i = 0; i < keycount; i++)
{
HBufC8* key = iPrivKeys->At(i);
TPtrC8 keyPtr = *key;
StoreSingleKeyL(*key);
}
LOG_("<- CPKCS12Handler::StoreKeyPairsL() OK");
}
void CPolicyImporter::ImportComplete(TInt aReturnValue)
{
LOG_("-> CPolicyImporter::ImportComplete()");
if (iImportSinglePolicy)
{
User::RequestComplete(iExtStatus, aReturnValue);
}
else
{
iMessage.Complete(aReturnValue);
}
CleanImportDirectory();
iVpnApiServant.PolicyImportComplete();
LOG_("<- CPolicyImporter::ImportComplete()");
}
void CPKCS12Handler::SaveCertificatesToDiskL()
{
LOG_("-> CPKCS12Handler::SaveCertificatesToDiskL()");
TInt certCount(0);
// first the CAs (if any; not required necessarily)
if (iCACerts)
{
certCount = iCACerts->Count();
LOG_1(" Saving %d CA Certificates", certCount);
for (TInt i = 0; i < certCount; i++)
{
CX509Certificate* cert = iCACerts->At(i);
// Generate filename with running identifier
// Use TFileName, because the function isn't stack
// critical
TFileName fn;
fn.Format(KCAFileNameStem(), i+1);
WriteToFileL(cert->Encoding(), fn);
}
}
LOG(else LOG_(" No CA Certs found!"));
// Then the user certs
if (iUserCerts)
{
certCount = iUserCerts->Count();
LOG_1(" Saving %d User Certificates", certCount);
for (TInt i = 0; i < certCount; i++)
{
CX509Certificate* cert = iUserCerts->At(i);
TFileName fn;
fn.Format(KUserCertFileNameStem(), i+1);
WriteToFileL(cert->Encoding(), fn);
}
}
LOG(else LOG_(" No User Certs found!"));
LOG_("<- CPKCS12Handler::SaveCertificatesToDiskL()");
}
// ---------------------------------------------------------------------------
// CVpnSipObserver::RunL
// ---------------------------------------------------------------------------
//
void CVpnSipObserver::RunL()
{
LOG_1( "CVpnSipObserver::RunL iStatus = %d", iStatus.Int());
if ( iStatus == KErrNone )
{
TInt val = 0;
// SIP Profile Server notified completion of SIP deregistration.
TInt err = iSIPProperty.Get( KPSVpnSipUid, KVpnSipState, val );
if ( err == KErrNone && val == ESipDeregisterCompleted )
{
// If SIP is deregistered, let the VPN Connection Agent to
// proceed VPN session start.
LOG_( "CVpnSipObserver::RunL SIP is deregistered. VPN Connection Agent continue with VPN start." );
iAgent.ProceedServiceStart();
}
else
{
// Keep monitoring.
Subscribe();
}
}
// Check if observer can be restarted.
else if ( iStatus != KErrCancel
&& iStatus != KErrServerTerminated
&& iStatus != KErrNotSupported )
{
// Keep monitoring.
Subscribe();
}
else
{
// Error.
LOG_1( "CVpnSipObserver::RunL Unknown error situation, iStatus = %d", iStatus.Int() );
}
}
void CPolicyImporter::BuildPeerCertListL()
{
LOG(Log::Printf(_L8("-> CPolicyImporter::BuildPeerCertListL()\n")));
delete iCurrPeerCertList;
iCurrPeerCertList = NULL;
iCurrPeerCertList = new (ELeave) CArrayFixFlat<TFileName>(2);
TFileName *fileName = new (ELeave) TFileName;
CleanupStack::PushL(fileName);
for (TInt i = 0; i < iCurrIkeDataArray->Count(); i++)
{
CIkeData* ikeData = iCurrIkeDataArray->At(i);
fileName->Zero();
if (ikeData->iPeerCert.iData.Length() > 0 &&
ikeData->iPeerCert.iFormat == BIN_CERT)
{
*fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iPeerCert.iData);
if (!iFileUtil.FileExists(*fileName))
{
User::Leave(KVpnErrPeerCertFileMissing);
}
AppendIfNotFoundL( iCurrPeerCertList, fileName );
}
}
CleanupStack::PopAndDestroy(); //fileName
LOG_("<- CPolicyImporter::BuildPeerCertListL()");
}
bool Shader::Init(const std::string& fileName, unsigned int additionalAttributes, const std::string& vertexFunctionName, const std::string& pixelFunctionName){
LOG_("Shaders: Init... ");
pVertexShader = InitVertexShader(fileName, vertexFunctionName);
pPixelShader = InitPixelShader (fileName, pixelFunctionName);
if (! ConstructInputLayout(additionalAttributes) ){
LOG("Error!");
return false;
}
matrixBuffer = CreateShaderConstantsBuffer(sizeof(MatrixBufferType));
if (!matrixBuffer){
LOG("Error!");
return false;
}
lightBuffer = CreateShaderConstantsBuffer(sizeof(LightBufferType));
if (!lightBuffer){
LOG("Error!");
return false;
}
LOG("OK!");
return true;
}
/**
* Helper function for tasks.
*
* @data any data.
* @nr flag bit number.
* @flags_p pointer to flags data.
* @wq workqueue.
* @task task.
*
* RETURN:
* pack_work if really enqueued, or NULL.
*/
struct pack_work* enqueue_task_if_necessary(
void *data, int nr, unsigned long *flags_p,
struct workqueue_struct *wq, void (*task)(struct work_struct *))
{
struct pack_work *pwork = NULL;
int ret;
ASSERT(task);
ASSERT(wq);
retry:
if (!test_and_set_bit(nr, flags_p)) {
pwork = create_pack_work(data, GFP_NOIO);
if (!pwork) {
LOGn("memory allocation failed.\n");
clear_bit(nr, flags_p);
schedule();
goto retry;
}
LOG_("enqueue task for %d\n", nr);
INIT_WORK(&pwork->work, task);
ret = queue_work(wq, &pwork->work);
if (!ret) {
LOGe("work is already on the queue.\n");
}
}
return pwork;
}
void CPKCS12Handler::AttachCertificatesL()
{
LOG_("-> CPKCS12Handler::AttachCertificatesL()");
TInt certCount = iUserCerts->Count();
for (TInt i = 0; i < certCount; i++)
{
CX509Certificate* cert = iUserCerts->At(i);
TKeyIdentifier certKeyId = cert->KeyIdentifierL();
// Note: KeyID parameter is effectively redundant
// (it can always be fetched from CX509Certificate object)
AttachCertificateL(cert, certKeyId);
}
LOG_("<- CPKCS12Handler::AttachCertificatesL() OK");
}
