author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2011-12-06 12:36:58 -0600 |
---|---|---|
committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2011-12-06 12:36:58 -0600 |
commit | d08a0ede1d2cb15bb14b0ff75eacf5c682b1fa0a (patch) | |
tree | e5ce4701bac540038a279b4e208c86390a24ba11 /src/importcertificatedialog.cpp | |
download | kvpnc-d08a0ede1d2cb15bb14b0ff75eacf5c682b1fa0a.tar.gz kvpnc-d08a0ede1d2cb15bb14b0ff75eacf5c682b1fa0a.zip |
Initial import of year-and-a-half-old upstream version 0.9.6a
Diffstat (limited to 'src/importcertificatedialog.cpp')
-rw-r--r-- | src/importcertificatedialog.cpp | 1362 |
1 files changed, 1362 insertions, 0 deletions
diff --git a/src/importcertificatedialog.cpp b/src/importcertificatedialog.cpp
new file mode 100644
index 0000000..2fbc281
--- /dev/null
+++ b/src/importcertificatedialog.cpp
@@ -0,0 +1,1362 @@ +/*************************************************************************** +* Copyright (C) 2004 by Christoph Thielecke * +* crissi99@gmx.de * +* * +* @description This class imports a certificate * +* * +* @author Christoph Thielecke <crissi99@gmx.de> * +* * +* This program is free software; you can redistribute it and/or modify * +* it under the terms of the GNU General Public License as published by * +* the Free Software Foundation; either version 2 of the License, or * +* (at your option) any later version. * +* * +* This program is distributed in the hope that it will be useful, * +* but WITHOUT ANY WARRANTY; without even the implied warranty of * +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * +* GNU General Public License for more details. * +* * +* You should have received a copy of the GNU General Public License * +* along with this program; if not, write to the * +* Free Software Foundation, Inc., * +* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
* +***************************************************************************/ +//BEGIN includes +#include "importcertificatedialog.h" +#include <kmessagebox.h> +#include <klocale.h> +#include <kurlrequester.h> +#include <kpassdlg.h> +#include <kcombobox.h> +#include <kdebug.h> +#include <klineedit.h> +#include <iostream> +#include <qfile.h> +#include <qdir.h> +#include <qtextstream.h> +#include <qcursor.h> +#include <qcheckbox.h> +#include <qurl.h> +#include <iostream> +#include "kvpncconfig.h" +#include "utils.h" +//END includes + +ImportCertificateDialog::ImportCertificateDialog ( QWidget *parent, const char* caption, KVpncConfig *GlobalConfig ) + : KDialogBase ( parent, i18n ( "Import Certificate" ).ascii(), true, caption, + KDialogBase::Ok|KDialogBase::Cancel, KDialogBase::Ok, true ) +{ + main = new ImportCertificateDialogBase ( this ); + setMainWidget ( main ); + main->setMinimumSize ( main->sizeHint() ); + + this->GlobalConfig = GlobalConfig; + filename = ""; + certHash = ""; + CertFullPath=""; + CaCertFullPath=""; + importOk = false; + importSuccess = true; + doHash = false; + doExit=true; + error_found=false; + certName = ""; + certpath = "/etc/racoon/certs/"; + pathToOpenSSL = GlobalConfig->pathToOpenssl; + main->RacoonCertificatePathUrlrequester->setMode ( 2 ); // directory + main->FilenameUrlrequester->setFilter ( "*" ); + askpasscount=0; + + env = new QStringList(); + *env << "LC_ALL=C" << "LANG=C" << "PATH=/bin:/usr/bin:/usr/sbin:/sbin"; + + connect ( main->ImporttypeComboBox, SIGNAL ( activated ( int ) ), this, SLOT ( typeToggeled ( int ) ) ); + typeToggeled ( main->ImporttypeComboBox->currentItem() ); + + connect (main->UsePrivateKeyPasswordCheckBox, SIGNAL( toggled(bool)), this, SLOT(usePrivateKeyPassToggled(bool))); + usePrivateKeyPassToggled(main->UsePrivateKeyPasswordCheckBox->isChecked()); + + // TMP + /* + main->FilenameUrlrequester->setURL( "/home/crissi/thielecke.p12" ); + //main->RacoonCertificatePathUrlrequester->setURL( 
"/etc/racoon/certs/" ); + main->ImporttypeComboBox->setCurrentItem( 1 ); + main->PrivateKeyPasswordEdit->setText( "12345678" ); + main->PrivateKeyAgainPasswordEdit->setText( "12345678" ); + */ + //main->ImportPasswordEdit->setText( "blah99" ); + + +} + +ImportCertificateDialog::~ImportCertificateDialog() +{ + delete main; +} + +void ImportCertificateDialog::accept() +{ + + importOk = true; + done=false; + error_found=false; + + filename = main->FilenameUrlrequester->url(); + importpassword = main->ImportPasswordEdit->text(); + certpath = main->RacoonCertificatePathUrlrequester->url(); + + if ( filename.isEmpty() ) + { + KMessageBox::sorry ( 0, i18n ( "File name cannot be empty!" ), i18n ( "Empty File Name" ) ); + importOk = false; + importSuccess=false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + + // if ( filename.right( 3 ) != "p12" || filename.right (3) != "der" || filename.right (3) != "crt" ) { + // KMessageBox::sorry( 0, i18n( "File name isnt ended by \'p12\', 'der' or \'crt\'!" ), i18n( "Wrong File Name" ) ); + // importOk = false; + // return; + // } + + GlobalConfig->appPointer->setOverrideCursor ( QCursor ( Qt::WaitCursor ) ); + + QFile f ( filename ); + if ( f.exists() ) + { + if ( f.open ( IO_ReadOnly ) ) + { + f.close(); + } + else + { + KMessageBox::sorry ( 0, i18n ( "File does not exist!" ), i18n ( "No File" ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: file \"%1\" does not exist." ).arg ( filename ),GlobalConfig->error ); + + importOk = false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + } + else + { + KMessageBox::sorry ( 0, i18n ( "File not readable!" ), i18n ( "Insufficient Rights" ) ); + + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: file \"%1\" is not readable." 
).arg ( filename ),GlobalConfig->error ); + importOk = false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + { + certpath="/etc/ipsec.d"; + if ( !QDir ( certpath ).exists() ) + { + if ( !QDir().mkdir ( certpath ) ) + { + KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( "/etc/ipsec.d" ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist and could not be created." ).arg ( "/etc/ipsec.d" ),GlobalConfig->error ); + } + else + { + if ( GlobalConfig->KvpncDebugLevel > 0 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( "/etc/ipsec.d" ),GlobalConfig->debug ); + if ( !QDir ( "/etc/ipsec.d/certs" ).exists() ) + { + if ( !QDir().mkdir ( "/etc/ipsec.d/certs" ) ) + { + KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( "/etc/ipsec.d/certs" ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist and could not be created." ).arg ( "/etc/ipsec.d/certs" ),GlobalConfig->error ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( "/etc/ipsec.d/certs" ),GlobalConfig->debug ); + if ( !QDir ( "/etc/ipsec.d/cacerts" ).exists() ) + if ( !QDir().mkdir ( "/etc/ipsec.d/cacerts" ) ) + { + KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( "/etc/ipsec.d/cacerts" ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist and could not be created." 
).arg ( "/etc/ipsec.d/cacerts" ),GlobalConfig->error ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + if ( GlobalConfig->KvpncDebugLevel > 0 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( "/etc/ipsec.d/cacerts" ),GlobalConfig->debug ); + } + } + } + } + } + } + else if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der ) + { + certpath="/etc/racoon/certs"; + if ( !QDir ( certpath ).exists() ) + if ( !QDir().mkdir ( certpath ) ) + { + KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( certpath ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist." ).arg ( certpath ),GlobalConfig->error ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( certpath ),GlobalConfig->debug ); + } + } + else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn ) + { + certpath = main->RacoonCertificatePathUrlrequester->url(); + if ( !QDir ( certpath ).exists() ) + if ( !QDir().mkdir ( certpath ) ) + { + KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( certpath ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist." ).arg ( certpath ),GlobalConfig->error ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." 
).arg ( certpath ),GlobalConfig->debug ); + } + } + +// if ( (main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || +// main->ImporttypeComboBox->currentItem() == pkcs12_racoon || +// main->ImporttypeComboBox->currentItem() == pkcs12_racoon +// ) && +// importpassword.isEmpty() ) +// { +// importOk = false; +// KMessageBox::sorry( 0, i18n( "Password can't be empty!" ), i18n( "Empty Password" ) ); +// return; +// } + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn ) + { + + if ( main->UsePrivateKeyPasswordCheckBox->isChecked() && (main->PrivateKeyPasswordEdit->text().isEmpty() || main->PrivateKeyPasswordEdit->text().length() < 4) ) + { + importOk = false; + KMessageBox::sorry ( 0, i18n ( "Private key password field can not be empty or less than 4 characters!" ), i18n ( "Password Empty or Too Short" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + + if ( main->UsePrivateKeyPasswordCheckBox->isChecked() && (main->PrivateKeyAgainPasswordEdit->text().isEmpty() || main->PrivateKeyAgainPasswordEdit->text().length() < 4 )) + { + importOk = false; + KMessageBox::sorry ( 0, i18n ( "Private key password (again) field can not be empty!" ), i18n ( "Password Empty or Too Short" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + if ( importOk ) + { + if ( QString ( main->PrivateKeyPasswordEdit->password() ) != QString ( main->PrivateKeyAgainPasswordEdit->password() ) ) + { + importOk = false; + KMessageBox::sorry ( 0, i18n ( "Private key passwords does not match!" 
), i18n ( "Passwords Do Not Match" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + privatekeypassword= QString ( main->PrivateKeyAgainPasswordEdit->password() ); + } + } + } + if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca || main->ImporttypeComboBox->currentItem() == ciscouserca ) + { + if (main->UsePrivateKeyPasswordCheckBox->isChecked() && ( main->PrivateKeyPasswordEdit->text().isEmpty() || main->PrivateKeyPasswordEdit->text().length() < 4 )) + { + importOk = false; + KMessageBox::sorry ( 0, i18n ( "Certificate password field can not be empty or less than 4 characters!" ), i18n ( "Password Empty or Too Short" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + + if (main->UsePrivateKeyPasswordCheckBox->isChecked() && ( main->PrivateKeyAgainPasswordEdit->text().isEmpty() || main->PrivateKeyAgainPasswordEdit->text().length() < 4 )) + { + importOk = false; + KMessageBox::sorry ( 0, i18n ( "Certificate password (again) field can not be empty!" ), i18n ( "Password Empty or Too Short" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + if ( importOk ) + { + if ( main->UsePrivateKeyPasswordCheckBox->isChecked() && (QString ( main->PrivateKeyPasswordEdit->password() ) != QString ( main->PrivateKeyAgainPasswordEdit->password() ) )) + { + importOk = false; + KMessageBox::sorry ( 0, i18n ( "Certificate passwords does not match!" 
), i18n ( "Passwords Do Not Match" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + if (main->UsePrivateKeyPasswordCheckBox->isChecked() ) + privatekeypassword= QString ( main->PrivateKeyAgainPasswordEdit->password() ); + } + } + } + if ( GlobalConfig->KvpncDebugLevel > 3 ) + kdDebug() << "file: " << filename << ", type: " << main->ImporttypeComboBox->currentItem() << endl; + + bool found=true; + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn || main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der ) + { + // looking for openssl + + QString bin="openssl"; + ToolInfo *tool = Utils ( GlobalConfig ).getToolInfo ( "openssl" ); + //std::cout << "Tool (bin): " << bin << std::endl; + + if ( tool->PathToExec.section ( '/',-1 ) != bin ) + { + // program is NOT installed + KMessageBox::error ( this, i18n ( "The required tool (%1) is not installed, please install it first and restart kvpnc." ).arg ( bin ), i18n ( "Tool missing" ) ); + found=false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + + if ( !found ) + { + KMessageBox::error ( this, i18n ( "Unable to find \"%1\"!" ).arg ( "openssl" ) ); + GlobalConfig->appendLogEntry ( i18n ( "Unable to find \"%1\"!" ).arg ( "openssl" ) ,GlobalConfig->error ); + importOk = false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + + + QString file = Utils ( this->GlobalConfig ).removeSpecialCharsForFilename ( QUrl ( filename ).fileName() ); + certName = file.left ( file.length() - 4 ); // peter_pan.p12 -> peter_pan + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn ) + { + QString type=""; + if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon ) + type="racoon"; + else + type="OpenVPN"; + QFile certpathtest ( certpath + "/." 
); + + if ( !certpathtest.exists() ) + { + KMessageBox::error ( this, i18n ( "%1 certificate path (%2) does not exist!" ).arg ( type ).arg ( certpath ) ); + GlobalConfig->appendLogEntry ( i18n ( "%1 certificate path (%2) does not exist!" ).arg ( type ).arg ( certpath ) ,GlobalConfig->error ); + importOk=false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + QFile testfile ( QString ( certpath + "/test" ) ); + if ( !testfile.open ( IO_WriteOnly ) ) + { + KMessageBox::error ( this, i18n ( "%1 certificate path (%2) is not writeable!" ).arg ( type ).arg ( certpath ) ); + GlobalConfig->appendLogEntry ( i18n ( "%1 certificate path (%2) is not writeable!" ).arg ( type ).arg ( certpath ) ,GlobalConfig->error ); + importOk = false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + testfile.remove(); + } + } + } + } + + // here we go + if ( importOk ) + { + + /* + FreeSWAN/Racoon: + openssl pkcs12 -in cert.p12 -clcerts -out /etc/racoon/certs/mykeys_company.pem -nodes + + DER: + openssl x509 -in cert.crt -out ca_company.pem -inform DER + + */ + // std::cout << "[std]:" << "settings ok." 
<< std::endl; + + ImportProcess = new QProcess ( this ); + + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn || main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der ) + { + ImportProcess->addArgument ( pathToOpenSSL ); + } + if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca || main->ImporttypeComboBox->currentItem() == ciscouserca ) + { + ImportProcess->addArgument ( GlobalConfig->pathToCiscoCertMgr ); + } + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || + main->ImporttypeComboBox->currentItem() == pkcs12_racoon || + main->ImporttypeComboBox->currentItem() == pkcs12_openvpn + ) + { + ImportProcess->addArgument ( "pkcs12" ); + ImportProcess->addArgument ( "-in" ); + ImportProcess->addArgument ( filename ); + ImportProcess->addArgument ( "-nodes" ); + ImportProcess->addArgument ( "-clcerts" ); + ImportProcess->addArgument ( "-out" ); + } + else if ( main->ImporttypeComboBox->currentItem() == ca_der ) + { + + ImportProcess->addArgument ( "x509" ); + ImportProcess->addArgument ( "-in" ); + ImportProcess->addArgument ( filename ); + ImportProcess->addArgument ( "-out" ); + ImportProcess->addArgument ( certpath + "/ca_" + certName + ".pem" ); + ImportProcess->addArgument ( "-inform" ); + ImportProcess->addArgument ( "DER" ); + } + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + { + ImportProcess->addArgument ( "/etc/ipsec.d/certs/mykeys_" + certName + ".pem" ); // warning: static + } + else if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn ) + { + ImportProcess->addArgument ( certpath + "/mykeys_" + certName + ".pem" ); + } + else if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca || 
main->ImporttypeComboBox->currentItem() == ciscouserca ) + { + if (main->ImporttypeComboBox->currentItem() == cisco) + ImportProcess->addArgument ( "-U" ); + if (main->ImporttypeComboBox->currentItem() == ciscoca) + ImportProcess->addArgument ( "-R" ); + if (main->ImporttypeComboBox->currentItem() == ciscouserca) + { + ImportProcess->addArgument ( "-U" ); + ImportProcess->addArgument ( "-R" ); + } + ImportProcess->addArgument ( "-op" ); + ImportProcess->addArgument ( "import" ); + ImportProcess->addArgument ( "-f" ); + ImportProcess->addArgument ( filename ); + + } + + + connect ( ImportProcess, SIGNAL ( readyReadStdout() ), this, SLOT ( readFromStdout_import() ) ); + connect ( ImportProcess, SIGNAL ( readyReadStderr() ), this, SLOT ( readFromStderr_import() ) ); + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || + main->ImporttypeComboBox->currentItem() == pkcs12_racoon || + main->ImporttypeComboBox->currentItem() == pkcs12_openvpn + ) + { + connect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( doCacert() ) ); + } + if ( main->ImporttypeComboBox->currentItem() == ca_der ) + { + connect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( doCreateHash() ) ); + } + + if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca) + { + connect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( ciscoCertMgrExited() ) ); + } + + if ( !ImportProcess->start ( env ) ) + { + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn || main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der ) + KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "openssl" ) ); + if ( main->ImporttypeComboBox->currentItem() == cisco ) + KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" 
).arg ( "cisco_cert_mgr" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + doExit=true; + + QString processname = ""; + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn || main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der ) + { + processname="openssl"; + + if ( GlobalConfig->KvpncDebugLevel >3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2" ).arg("accept()").arg ( i18n ( " import password" ) ),GlobalConfig->debug ); + + if ( main->ImportPasswordEdit->text().isEmpty() ) + ImportProcess->writeToStdin ( "\n" ); + else + ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" ); + + } + if ( main->ImporttypeComboBox->currentItem() == cisco ) + processname="cisco_cert_mgr"; + + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Process (%1) started." ).arg (processname ),GlobalConfig->debug ); + + if ( main->ImporttypeComboBox->currentItem() == cisco /*|| main->ImporttypeComboBox->currentItem() == ciscoca*/ ) + { + ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() +"\n"); + if (main->UsePrivateKeyPasswordCheckBox->isChecked() ) + { + ImportProcess->writeToStdin ( QString ( main->PrivateKeyPasswordEdit->password() ) + "\n" ); + ImportProcess->writeToStdin ( QString ( main->PrivateKeyPasswordEdit->password() ) + "\n" ); + } + } + } + } +} + +void ImportCertificateDialog::canAccept() +{ + if ( importSuccess ) + { + KMessageBox::information ( 0, i18n ( "Certificate was sucessfully imported." ), i18n ( "Import Successful" ) ); + if ( GlobalConfig->KvpncDebugLevel > 0 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: certificate was successfully imported." ),GlobalConfig->debug ); + } + else + { + KMessageBox::sorry ( 0, i18n ( "Certificate import failed." 
), i18n ( "Import Failed" ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: certificate could not be imported." ),GlobalConfig->error ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + { + QString bin="ipsec"; + ToolInfo *tool; + //std::cout << "Tool (bin): " << bin << std::endl; + if ( !GlobalConfig->ToolList->isEmpty() ) + { + for ( tool = GlobalConfig->ToolList->first(); tool; tool = GlobalConfig->ToolList->next() ) + { + if ( bin == tool->Name ) + { + if ( tool->PathToExec.section ( '/',-1 ) != bin ) + { + // program is NOT installed + KMessageBox::information ( this, i18n ( "The required tool (%1) is not installed, please install it before you are connecting and restart kvpnc." ).arg ( bin ), i18n ( "Tool Missing" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + break; + } + } + } + } + else if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon ) + { + QString bin="racoon"; + ToolInfo *tool; + //std::cout << "Tool (bin): " << bin << std::endl; + if ( !GlobalConfig->ToolList->isEmpty() ) + { + for ( tool = GlobalConfig->ToolList->first(); tool; tool = GlobalConfig->ToolList->next() ) + { + if ( bin == tool->Name ) + { + if ( tool->PathToExec.section ( '/',-1 ) != bin ) + { + // program is NOT installed + KMessageBox::information ( this, i18n ( "The required tool (%1) is not installed, please install it before you are connecting and restart kvpnc." 
).arg ( bin ), i18n ( "Tool Missing" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + break; + } + } + } + } + else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn ) + { + QString bin="openvpn"; + ToolInfo *tool; + //std::cout << "Tool (bin): " << bin << std::endl; + if ( !GlobalConfig->ToolList->isEmpty() ) + { + for ( tool = GlobalConfig->ToolList->first(); tool; tool = GlobalConfig->ToolList->next() ) + { + if ( bin == tool->Name ) + { + if ( tool->PathToExec.section ( '/',-1 ) != bin ) + { + // program is NOT installed + KMessageBox::information ( this, i18n ( "The required tool (%1) is not installed, please install it before you are connecting and restart kvpnc." ).arg ( bin ), i18n ( "Tool Missing" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + break; + } + } + } + } + else if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca || main->ImporttypeComboBox->currentItem() == ciscouserca ) + { + QString bin="cisco_cert_mgr"; + ToolInfo *tool; + //std::cout << "Tool (bin): " << bin << std::endl; + if ( !GlobalConfig->ToolList->isEmpty() ) + { + for ( tool = GlobalConfig->ToolList->first(); tool; tool = GlobalConfig->ToolList->next() ) + { + if ( bin == tool->Name ) + { + if ( tool->PathToExec.section ( '/',-1 ) != bin ) + { + // program is NOT installed + KMessageBox::information ( this, i18n ( "The required tool (%1) is not installed, please install it before you are connecting and restart kvpnc." 
).arg ( bin ), i18n ( "Tool Missing" ) ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + break; + } + } + } + } + GlobalConfig->appPointer->restoreOverrideCursor(); + + if ( doExit ) + QDialog::accept(); +} + +void ImportCertificateDialog::reject() +{ + importOk=false; + importSuccess=false; + QDialog::reject(); +} + +void ImportCertificateDialog::doCacert() +{ + disconnect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( doCacert() ) ); + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("doCacert()"),GlobalConfig->debug ); + + if ( ImportProcess->normalExit () ) + { + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + { + Utils ( GlobalConfig,this ).doChmod ( "/etc/ipsec.d/certs/mykeys_" + certName + ".pem","go-rwx" ); + } + else if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn ) + { + Utils ( GlobalConfig,this ).doChmod ( certpath + "/mykeys_" + certName + ".pem","go-rwx" ); + } + + /* + openssl pkcs12 -in cert.p12 -nokeys -cacerts -out /etc/racoon/certs/ca_company.pem -nodes + */ + ImportProcess->clearArguments(); + ImportProcess->addArgument ( pathToOpenSSL ); + ImportProcess->addArgument ( "pkcs12" ); + ImportProcess->addArgument ( "-in" ); + ImportProcess->addArgument ( filename ); + ImportProcess->addArgument ( "-nokeys" ); + ImportProcess->addArgument ( "-cacerts" ); + ImportProcess->addArgument ( "-out" ); + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + { + ImportProcess->addArgument ( "/etc/ipsec.d/cacerts/ca_" + certName + ".pem" ); // warning: static + CaCertFullPath="/etc/ipsec.d/cacerts/ca_" + certName + ".pem"; + } + else + { + ImportProcess->addArgument ( certpath + "/ca_" + certName + ".pem" ); + CaCertFullPath=certpath + "/ca_" + certName + ".pem"; + } + + ImportProcess->addArgument ( "-nodes" ); + + connect ( ImportProcess, SIGNAL ( 
processExited () ), this, SLOT ( doCreateHash() ) ); + + if ( ! ImportProcess->start ( env ) ) + { + KMessageBox::error ( this, i18n ( "Unable to extract CA certificate!" ), i18n ( "Extract Failed" ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: CA certificate could not be extracted." ),GlobalConfig->error ); + importSuccess=false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2" ).arg("doCacert()").arg ( i18n ( " import password" ) ),GlobalConfig->debug ); + + if ( main->ImportPasswordEdit->text().isEmpty() ) + ImportProcess->writeToStdin ( "\n" ); + else + ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" ); + + doExit=true; + if ( GlobalConfig->KvpncDebugLevel > 0 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: CA certificate successful extracted." ),GlobalConfig->debug ); + } + } + else + { + importSuccess=false; + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: import process from accept() failed." 
),GlobalConfig->error ); + } +} + +void ImportCertificateDialog::doPrivateKey() +{ + + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( "[dbg]: doPrivateKey()",GlobalConfig->debug ); + disconnect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( doPrivateKey() ) ); + + if ( ImportProcess->normalExit () ) + { + + /* + openssl pkcs12 -in cert.p12 -nocerts -out /etc/racoon/certs/ca_company.pem + */ + ImportProcess->clearArguments(); + ImportProcess->addArgument ( pathToOpenSSL ); + ImportProcess->addArgument ( "pkcs12" ); + ImportProcess->addArgument ( "-nocerts" ); + ImportProcess->addArgument ( "-in" ); + ImportProcess->addArgument ( filename ); + ImportProcess->addArgument ( "-out" ); + + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + ImportProcess->addArgument ( certpath+"/private/" + certName + ".pem" ); // warning: static + else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn ) + ImportProcess->addArgument ( certpath+"/" + certName + ".pem" ); // warning: static + + if ( !certpath.isEmpty() ) + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + CertFullPath=certpath+"/private/" + certName + ".pem"; + if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn ) + CertFullPath=certpath+"/" + certName + ".pem"; + + if ( main->UsePrivateKeyPasswordCheckBox->isChecked() ) + connect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( exit() ) ); + else + connect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( removePrivateKey() ) ); + + //LogOutput->append( "priv key: we starting..." ); + if ( !ImportProcess->start( ) ) + { + KMessageBox::sorry ( this, i18n ( "Unable to start process (private key)!" ) ); + + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: private key could not extracted." 
),GlobalConfig->error ); + importSuccess=false; + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } + else + { + + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2" ).arg("doPrivateKey()").arg ( i18n ( " import password" ) ),GlobalConfig->debug ); + +// if ( main->ImportPasswordEdit->text().isEmpty() ) +// ImportProcess->writeToStdin ( "\n" ); +// else + ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" ); + + + if ( main->UsePrivateKeyPasswordCheckBox->isChecked() ) + { + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password" ) ),GlobalConfig->debug ); + + ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->text() + "\n" ); + } + else + { + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password dummy" ) ),GlobalConfig->debug ); + + // we need 4 chars here + ImportProcess->writeToStdin ( "abcd\n" ); + + } + + if ( main->UsePrivateKeyPasswordCheckBox->isChecked() ) + { + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password" ) ),GlobalConfig->debug ); + + ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->text() + "\n" ); + } + else + { + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password dummy" ) ),GlobalConfig->debug ); + + // we need 4 chars here + ImportProcess->writeToStdin ( "abcd\n" ); + + } + + } + + } + else + { + importSuccess=false; + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: import process from doLink() failed." 
),GlobalConfig->error ); + GlobalConfig->appPointer->restoreOverrideCursor(); + return; + } +} + +void ImportCertificateDialog::doCreateHash() +{ + + disconnect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( doCreateHash() ) ); + + if ( GlobalConfig->KvpncDebugLevel > 3 ) + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("doCreateHash()"),GlobalConfig->debug ); + + if ( ImportProcess->normalExit () ) + { + + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + Utils ( GlobalConfig,this ).doChmod ( certpath+"/cacerts/ca_" + certName + ".pem","go-rwx" ); + else + Utils ( GlobalConfig,this ).doChmod ( certpath + "/ca_" + certName + ".pem","go-rwx" ); + + /* + openssl x509 -noout -hash < /etc/racoon/certs/ca_company.pem + */ + ImportProcess->clearArguments(); + ImportProcess->addArgument ( pathToOpenSSL ); + ImportProcess->addArgument ( "x509" ); + ImportProcess->addArgument ( "-noout" ); + ImportProcess->addArgument ( "-hash" ); + ImportProcess->addArgument ( "-in" ); + if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ) + ImportProcess->addArgument ( certpath+"/cacerts/ca_" + certName + ".pem" ); // warning: static + else + ImportProcess->addArgument ( certpath + "/ca_" + certName + ".pem" ); + + connect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( doLink() ) ); + + + // LogOutput->append( "hash: we starting..." ); + if ( !ImportProcess->start( ) ) + { + KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "hash" ) ); + GlobalConfig->appendLogEntry ( i18n ( "Certificate import: hash could not created." 
),GlobalConfig->error );
+ importSuccess=false;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ return;
+ }
+ else
+ {
+
+ if ( GlobalConfig->KvpncDebugLevel > 3 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2" ).arg("doCreateHash()").arg ( i18n ( " import password" ) ),GlobalConfig->debug );
+
+ if ( main->ImportPasswordEdit->text().isEmpty() )
+ ImportProcess->writeToStdin ( "\n" );
+ else
+ ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" );
+ while (ImportProcess->isRunning())
+ {
+ sleep (1);
+ }
+
+ doExit=true;
+ doHash = true;
+ if ( GlobalConfig->KvpncDebugLevel > 0 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: hash successful created." ),GlobalConfig->debug );
+ }
+ }
+ else
+ {
+ importSuccess=false;
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: import process from doCert() failed." ),GlobalConfig->error );
+ }
+}
+
+void ImportCertificateDialog::doLink()
+{
+ disconnect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( doLink() ) );
+ if ( GlobalConfig->KvpncDebugLevel > 3 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("doLink()"),GlobalConfig->debug );
+
+ if ( ImportProcess->normalExit () )
+ {
+
+ doHash = false;
+ ImportProcess->clearArguments();
+ /*
+ ln -s /etc/racoon/certs/ca_company.pem /etc/racoon/certs/<hash>.0
+ */
+ ImportProcess->addArgument ( "ln" );
+ ImportProcess->addArgument ( "-sf" );
+ if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
+ {
+ ImportProcess->addArgument ( certpath+"/cacerts/ca_" + certName + ".pem" );
+ ImportProcess->addArgument ( certpath+"/cacerts/" + certHash + ".0" );
+ }
+ else
+ {
+ ImportProcess->addArgument ( certpath + "/ca_" + certName + ".pem" );
+ ImportProcess->addArgument ( certpath +"/"+ certHash + ".0" );
+ }
+
+ if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ||
+ main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
+ connect ( ImportProcess,
SIGNAL ( processExited () ), this, SLOT ( doPrivateKey() ) );
+ else
+ connect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( exit() ) );
+
+
+ if ( !ImportProcess->start( ) )
+ {
+ KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "ln -s" ) );
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: Link could not created." ),GlobalConfig->error );
+ importSuccess=false;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ return;
+ }
+ else
+ {
+ while (ImportProcess->isRunning())
+ {
+ usleep (500);
+ }
+
+ delete ImportProcess;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ if ( GlobalConfig->KvpncDebugLevel > 3 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: Link creation sucessful." ),GlobalConfig->error );
+ ImportProcess =0L;
+ exit();
+ }
+ }
+ else
+ {
+ importSuccess=false;
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: Skipping link creation." ),GlobalConfig->error );
+ }
+}
+
+void ImportCertificateDialog::exit()
+{
+ if ( GlobalConfig->KvpncDebugLevel > 0 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("exit()"),GlobalConfig->debug );
+
+
+ if ( (ImportProcess != 0L && ImportProcess->normalExit() ) || ImportProcess == 0L )
+ {
+ doExit=true;
+ if ( GlobalConfig->KvpncDebugLevel > 0 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: Link successful created."
),GlobalConfig->debug );
+
+ // if ( ImportProcess->normalExit() )
+ // importOk=true;
+ if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
+ Utils ( GlobalConfig,this ).doChmod ( certpath+"/private/" + certName + ".pem","go-rwx" );
+
+ if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
+ Utils ( GlobalConfig,this ).doChmod ( certpath+"/" + certName + ".pem","go-rwx" );
+ done=true;
+ canAccept();
+ }
+ else
+ {
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ importSuccess=false;
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: import process from doPrivateKey() failed." ),GlobalConfig->error );
+ }
+}
+
+void ImportCertificateDialog::readFromStdout_import()
+{
+
+// QString line = QString( ImportProcess->readStdout() );
+ while ( ImportProcess->canReadLineStdout() )
+ {
+ QString line = QString ( ImportProcess->readLineStdout() );
+
+ if ( GlobalConfig->KvpncDebugLevel > 0 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import stdout: %1" ).arg ( line ),GlobalConfig->debug );
+ if ( doHash )
+ {
+ certHash = line.left ( line.length() - 1 );
+ doHash = false;
+ // LogOutput->append( "<font color=\"red\">[std]: hash" + line + "</font>" );
+ }
+
+ if ( line.find ( "Enter Import Password" , 0, FALSE ) > -1 )
+ {
+ if ( GlobalConfig->KvpncDebugLevel > 0 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1 was requested, send it..." ).arg ( i18n ( " import password" ) ),GlobalConfig->debug );
+
+ if ( main->ImportPasswordEdit->text().isEmpty() )
+ ImportProcess->writeToStdin ( "\n" );
+ else
+ ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" );
+ }
+
+ else if ( line.find ( "Enter PEM pass phrase" , 0, FALSE ) > -1 )
+ {
+
+ if ( askpasscount < 10 )
+ {
+
+ if ( main->UsePrivateKeyPasswordCheckBox->isChecked() )
+ {
+ if ( GlobalConfig->KvpncDebugLevel > 3 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..."
).arg("doPrivateKey").arg ( i18n ( " private key password" ) ),GlobalConfig->debug );
+
+ ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->text() + "\n" );
+ }
+ else
+ {
+ if ( GlobalConfig->KvpncDebugLevel > 3 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password dummy" ) ),GlobalConfig->debug );
+
+ // we need 4 chars here
+ ImportProcess->writeToStdin ( "abcd\n" );
+
+ }
+ askpasscount+=1;
+ }
+ else
+ {
+ // whats happen???
+ // doExit=true;
+ }
+ }
+
+
+ if ( main->ImporttypeComboBox->currentItem() == cisco )
+ {
+
+ if ( GlobalConfig->KvpncDebugLevel > 2 )
+ GlobalConfig->appendLogEntry ("[cisco_cert_mgr raw] "+line,GlobalConfig->debug);
+
+ if ( line.find ( "Password:" , 0, FALSE ) > -1 || line.find ( "Confirm Password:" , 0, FALSE ) > -1 )
+ {
+ if ( GlobalConfig->KvpncDebugLevel > 0 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1 was requested, send it..." ).arg ( i18n ( "certificate password" ) ),GlobalConfig->debug );
+ ImportProcess->writeToStdin ( QString ( main->PrivateKeyPasswordEdit->password() ) + "\n" );
+
+ }
+ if ( line.find ( "Success: certificate imported from path:", 0, FALSE ) > -1 )
+ {
+
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import was successful."
) ,GlobalConfig->info );
+ importOk=true;
+ importSuccess=true;
+ doExit=true;
+ done=true;
+ }
+
+ }
+ }
+}
+
+void ImportCertificateDialog::readFromStderr_import()
+{
+// QString line = QString ( ImportProcess->readStderr() );
+ while ( ImportProcess->canReadLineStderr() )
+ {
+ QString line = QString ( ImportProcess->readLineStderr() );
+ if ( GlobalConfig->KvpncDebugLevel > 3 )
+ {
+ if ( line.find ( "Enter Import Pass", 0, FALSE ) > -1 || line.find ( "Enter PEM pass phrase", 0, FALSE ) > -1 || line.find ( "MAC verified OK", 0, FALSE ) > -1 || line.find ( "Enter pass phrase for", 0, FALSE ) > -1 || line.find ( "writing RSA key", 0, FALSE ) > -1 )
+ {
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg ( line ),GlobalConfig->info );
+ }
+ else
+ {
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import stderr: %1" ).arg ( line ),GlobalConfig->error );
+ }
+ }
+ if ( line.find ( "Error",9, FALSE ) > -1 )
+ {
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg ( line ),GlobalConfig->error );
+ importSuccess=false;
+ importOk = false;
+ doExit=false;
+// error_found=true;
+ }
+
+ else if ( line.find ( "invalid password" , 0, FALSE ) > -1 || line.find ( "Mac verify error: invalid password?", 0, FALSE ) > -1 )
+ {
+ if (error_found==false)
+ KMessageBox::sorry ( this , i18n ( "Wrong password." ), i18n ( "Password Failed" ) );
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: password was invalid" ),GlobalConfig->error );
+ importSuccess=false;
+ importOk = false;
+ doExit=false;
+ error_found=true;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ }
+
+ else if ( line.find ( "unable to load certificate", 0, FALSE ) > -1 )
+ {
+ if (error_found==false)
+ KMessageBox::error ( this, i18n ( "Unable to load certificate!" ), i18n ( "Load Failed" ) );
+ GlobalConfig->appendLogEntry ( i18n ( "Unable to load certificate!"
) ,GlobalConfig->error );
+ importOk=false;
+ importSuccess=false;
+ doExit=false;
+ error_found=true;
+// if ( ImportProcess != 0L && ImportProcess->isRunning() )
+// {
+// disconnect ( ImportProcess, SIGNAL ( readyReadStdout() ), this, SLOT ( readFromStdout_import() ) );
+// disconnect ( ImportProcess, SIGNAL ( readyReadStderr() ), this, SLOT ( readFromStderr_import() ) );
+// ImportProcess->kill();
+// ImportProcess = 0L;
+// }
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ done=true;
+ return;
+ }
+ else if ( line.find ( "unable to load Private Key", 0, FALSE ) > -1 )
+ {
+ if (error_found==false)
+ KMessageBox::error ( this, i18n ( "unable to load Private Key!" ), i18n ( "Load Failed" ) );
+ GlobalConfig->appendLogEntry ( i18n ( "unable to load Private Key!" ) ,GlobalConfig->error );
+ importOk=false;
+ importSuccess=false;
+ doExit=false;
+ error_found=true;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ if ( ImportProcess->isRunning() )
+ {
+ ImportProcess->kill();
+ }
+ done=true;
+ }
+
+ else if ( line.find ( "Error opening output file", 0, FALSE ) > -1 )
+ {
+ if (error_found==false)
+ KMessageBox::error ( this, i18n ( "Error opening output file." ), i18n ( "File open failed" ) );
+ GlobalConfig->appendLogEntry ( i18n ( "Error opening output file!" ) ,GlobalConfig->error );
+ importOk=false;
+ importSuccess=false;
+ doExit=true;
+ error_found=true;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ done=true;
+ }
+ else if ( line.find ( "Verify failure", 0, FALSE ) > -1 )
+ {
+ if (error_found==false)
+ KMessageBox::error ( this, i18n ( "Verify failure at private key password." ), i18n ( "Verify failure" ) );
+ GlobalConfig->appendLogEntry ( i18n ( "Verify failure at private key password."
) ,GlobalConfig->error );
+ importOk=false;
+ importSuccess=false;
+ doExit=true;
+ error_found=true;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ done=true;
+ }
+
+ else if ( line.find ( "MAC verified OK", 0, FALSE ) > -1 )
+ {
+ GlobalConfig->appendLogEntry ( i18n ( "Import password was ok." ) ,GlobalConfig->debug );
+ importSuccess=true;
+ }
+
+ else if ( main->ImporttypeComboBox->currentItem() == cisco )
+ {
+
+ if ( GlobalConfig->KvpncDebugLevel > 2 )
+ GlobalConfig->appendLogEntry ("[cisco_cert_mgr raw err] "+line,GlobalConfig->debug);
+
+ if ( line.find ( "error: unable to import certificate from path:", 0, FALSE ) > -1 )
+ {
+ if (error_found==false)
+ KMessageBox::error ( this, i18n ( "Unable to load certificate!" ), i18n ( "Load Failed" ) );
+ GlobalConfig->appendLogEntry ( i18n ( "Unable to load certificate!" ) ,GlobalConfig->error );
+ importOk=false;
+ importSuccess=false;
+ doExit=false;
+ error_found=true;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ if ( ImportProcess->isRunning() )
+ {
+ ImportProcess->kill();
+ }
+ done=true;
+ }
+
+ else if ( line.find ( "Success: certificate imported from path:", 0, FALSE ) > -1 )
+ {
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate imported from path."
) ,GlobalConfig->error );
+ importOk=true;
+ importSuccess=true;
+ doExit=false;
+ done=true;
+ }
+ }
+ }
+}
+
+void ImportCertificateDialog::typeToggeled ( int type )
+{
+ if ( GlobalConfig->KvpncDebugLevel > 0 )
+ GlobalConfig->appendLogEntry ( QString ( "type: "+QString().setNum ( type ) ),GlobalConfig->debug );
+ if ( type == pkcs12_freeswan )
+ {
+ certpath = "/etc/ipsec.d/certs";
+// main->PrivateKeyPasswordEdit->setEnabled ( true );
+// main->PrivateKeyAgainPasswordEdit->setEnabled ( true );
+ main->RacoonCertificatePathUrlrequester->setEnabled ( false );
+ main->ImportPasswordEdit->setEnabled ( true );
+ main->P12GroupBox->setEnabled ( true );
+// main->PrivateKeyPassGroupBox->setEnabled ( true );
+ main->FilenameUrlrequester->setFilter ( "*.p12" );
+ }
+ else if ( type == pkcs12_racoon )
+ {
+ certpath = "/etc/racoon/certs/";
+// main->PrivateKeyPasswordEdit->setEnabled ( false );
+// main->PrivateKeyAgainPasswordEdit->setEnabled ( false );
+ main->RacoonCertificatePathUrlrequester->setEnabled ( true );
+ main->ImportPasswordEdit->setEnabled ( true );
+ main->P12GroupBox->setEnabled ( true );
+// main->PrivateKeyPassGroupBox->setEnabled ( false );
+ main->FilenameUrlrequester->setFilter ( "*.p12" );
+ }
+ else if ( type == ca_der )
+ {
+ certpath = "/etc/certs/";
+// main->PrivateKeyPasswordEdit->setEnabled ( false );
+// main->PrivateKeyAgainPasswordEdit->setEnabled ( false );
+ main->RacoonCertificatePathUrlrequester->setEnabled ( true );
+ main->ImportPasswordEdit->setEnabled ( false );
+ main->P12GroupBox->setEnabled ( false );
+// main->PrivateKeyPassGroupBox->setEnabled ( false );
+ main->FilenameUrlrequester->setFilter ( "*.der *.crt" );
+ }
+ else if ( type == pkcs12_openvpn )
+ {
+ certpath = "/etc/openvpn";
+ main->PrivateKeyPasswordEdit->setEnabled ( true );
+ main->PrivateKeyAgainPasswordEdit->setEnabled ( true );
+ main->RacoonCertificatePathUrlrequester->setEnabled ( true );
+ main->RacoonCertificatePathUrlrequester->setURL( certpath );
+
main->ImportPasswordEdit->setEnabled ( true );
+ main->P12GroupBox->setEnabled ( true );
+ main->PrivateKeyPassGroupBox->setEnabled ( true );
+ main->FilenameUrlrequester->setFilter ( "*.p12" );
+ }
+ else if ( type == cisco )
+ {
+ main->P12GroupBox->setTitle ( i18n ( "Import" ) );
+ main->CertPathTextLabel->hide();
+ main->RacoonCertificatePathUrlrequester->hide();
+ main->PrivateKeyPassGroupBox->setTitle ( i18n ( "Certificate protection" ) );
+ main->PrivateKeyPassTextLabel->setText(i18n ("Certificate password:"));
+ main->PrivateKeyPassAgainTextLabel->setText(i18n ("Certificate password again:"));
+ main->FilenameUrlrequester->setFilter ( "*" );
+ }
+
+ else
+ {
+ main->P12GroupBox->setTitle ( i18n ( "P12" ) );
+ main->CertPathTextLabel->hide();
+ main->RacoonCertificatePathUrlrequester->hide();
+ main->PrivateKeyPassGroupBox->setTitle ( i18n ( "FreeS/WAN (Openswan)" ) );
+ main->PrivateKeyPassTextLabel->setText(i18n ("Private key passphrase:"));
+ main->PrivateKeyPassAgainTextLabel->setText(i18n ("Passphrase again:"));
+ main->FilenameUrlrequester->setFilter ( "*" );
+ }
+
+ main->RacoonCertificatePathUrlrequester->setURL ( certpath );
+}
+
+void ImportCertificateDialog::ciscoCertMgrExited()
+{
+ doExit=true;
+ importOk=true;
+ importSuccess=true;
+ done=true;
+ if ( GlobalConfig->KvpncDebugLevel > 0 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: certificate successful imported."
),GlobalConfig->debug );
+ canAccept();
+}
+
+void ImportCertificateDialog::usePrivateKeyPassToggled(bool)
+{
+ if (main->UsePrivateKeyPasswordCheckBox->isChecked())
+ {
+ main->PrivateKeyPassGroupBox->setEnabled(true);
+ }
+ else
+ {
+ main->PrivateKeyPassGroupBox->setEnabled(false);
+ }
+}
+
+void ImportCertificateDialog::removePrivateKey()
+{
+ disconnect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( removePrivateKey() ) );
+ if ( GlobalConfig->KvpncDebugLevel > 3 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("removePrivateKey()"),GlobalConfig->debug );
+
+ if ( ImportProcess->normalExit () )
+ {
+ ImportProcess->clearArguments();
+ ImportProcess->addArgument ( pathToOpenSSL );
+ ImportProcess->addArgument ( "rsa" );
+ ImportProcess->addArgument ( "-in" );
+
+ if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
+ ImportProcess->addArgument ( certpath+"/private/" + certName + ".pem" ); // warning: static
+ else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
+ ImportProcess->addArgument ( certpath+"/" + certName + ".pem" ); // warning: static
+
+ ImportProcess->addArgument ( "-out" );
+
+ if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
+ ImportProcess->addArgument ( certpath+"/private/" + certName + ".pem" ); // warning: static
+ else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
+ ImportProcess->addArgument ( certpath+"/" + certName + ".pem" ); // warning: static
+
+ connect ( ImportProcess, SIGNAL ( processExited () ), this, SLOT ( exit() ) );
+
+
+ if ( !ImportProcess->start( ) )
+ {
+ KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "ln -s" ) );
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: passphrase could not removed."
),GlobalConfig->error );
+ importSuccess=false;
+ GlobalConfig->appPointer->restoreOverrideCursor();
+ return;
+ }
+ else
+ {
+
+ if ( GlobalConfig->KvpncDebugLevel > 3 )
+ GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("removePrivateKey()").arg ( i18n ( " private key password dummy" ) ),GlobalConfig->debug );
+
+ // we need 4 chars here
+ ImportProcess->writeToStdin ( "abcd\n" );
+ }
+ }
+ else
+ {
+ importSuccess=false;
+ }
+} |