Diffstat (limited to 'src/importprofiledialog.cpp')
-rw-r--r--src/importprofiledialog.cpp601
1 files changed, 601 insertions, 0 deletions
diff --git a/src/importprofiledialog.cpp b/src/importprofiledialog.cpp
new file mode 100644
index 0000000..80ec8a0
--- /dev/null
+++ b/src/importprofiledialog.cpp
@@ -0,0 +1,601 @@
+/***************************************************************************
+* Copyright (C) 2004 by Christoph Thielecke *
+* crissi99@gmx.de *
+* *
+* This program is free software; you can redistribute it and/or modify *
+* it under the terms of the GNU General Public License as published by *
+* the Free Software Foundation; either version 2 of the License, or *
+* (at your option) any later version. *
+* *
+* This program is distributed in the hope that it will be useful, *
+* but WITHOUT ANY WARRANTY; without even the implied warranty of *
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+* GNU General Public License for more details. *
+* *
+* You should have received a copy of the GNU General Public License *
+* along with this program; if not, write to the *
+* Free Software Foundation, Inc., *
+* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+***************************************************************************/
+//BEGIN INCLUDES
+#include <kmessagebox.h>
+#include <kio/netaccess.h>
+#include <ktempfile.h>
+#include <klocale.h>
+#include <kconfig.h>
+#include <kdialogbase.h>
+#include <kurlrequester.h>
+#include <kcombobox.h>
+#include <qstringlist.h>
+#include <qfile.h>
+#include <qurl.h>
+#include <kurl.h>
+#include <qtextstream.h>
+#include <qcheckbox.h>
+#include <qfileinfo.h>
+#include <string>
+
+#include <iostream>
+
+#include "importprofiledialog.h"
+#include "importcertificatedialog.h"
+#include "utils.h"
+#include "ciscopasswddecoder.h"
+//END INCLUDES
+
+ImportProfileDialog::ImportProfileDialog(KVpncConfig *GlobalConfig, QWidget *parent, const QString& caption, QString file)
+ : KDialogBase( parent, "Import_Cisco_PCF_profile", true, caption,
+ KDialogBase::Ok|KDialogBase::Cancel, KDialogBase::Ok, true )
+{
+ decodeEncPasswd = false;
+ if (!file.isEmpty())
+ filename = file;
+ else
+ filename = "";
+ importOk = false;
+ this->GlobalConfig= GlobalConfig;
+
+ main = new ImportProfileDialogBase(this);
+ setMainWidget(main);
+ main->setMinimumSize(main->sizeHint());
+
+ main->FilenameUrlrequester->setFilter( "*.pcf" );
+ main->FilenameUrlrequester->setURL(filename);
+
+}
+
+
+ImportProfileDialog::~ImportProfileDialog()
+{
+ delete main;
+}
+
+void ImportProfileDialog::accept()
+{
+
+ //filename="/etc/CiscoSystemsVPNClient/Profiles/hs_harz.pcf";
+ filename = main->FilenameUrlrequester->url();
+ if ( !filename.isEmpty() )
+ {
+ f = new QFile(filename);
+ canAccept();
+ }
+
+ else
+ {
+ KMessageBox::sorry( 0, i18n( "File name can not be empty!" ), i18n( "Empty File Name" ) );
+ }
+}
+
+
+void ImportProfileDialog::canAccept()
+{
+
+ if ( !f->exists() )
+ {
+ KMessageBox::information( 0, i18n( "File not found." ), i18n( "No File" ) );
+
+ // emit progress( 100 );
+ return ;
+ }
+
+ KConfig config( filename, true, false );
+
+ QStringList grouplist = config.groupList();
+
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ {
+ QString groups="";
+ for ( QStringList::Iterator group = grouplist.begin(); group != grouplist.end(); ++group )
+ groups += QString(" "+*group);
+ GlobalConfig->appendLogEntry(i18n("PCF import: groups found: [ %1 ]").arg(groups), GlobalConfig->debug);
+ }
+
+ config.setGroup( "main" );
+
+ // sample config
+
+ /*
+ [main]
+ Description=
+ Host = 192.168.13.1
+ AuthType=1
+ GroupName = hs_harz
+ GroupPwd =
+ Username = u15119
+ SaveUserPassword = 0
+ UserPassword =
+ NTDomain =
+ EnableBackup = 0
+ BackupServer =
+ EnableMSLogon = 1
+ TunnelingMode = 0
+ TcpTunnelingPort = 10000
+ CertStore = 0
+ CertName =
+ CertPath =
+ CertSubjectName =
+ CertSerialHash = 00000000000000000000000000000000
+ SendCertChain = 0
+ VerifyCertDN =
+ DHGroup = 2
+ ForceKeepAlives = 0
+ PeerTimeout = 90
+ EnableLocalLAN = 1 // only reading because we dont want to do this
+ EnableSplitDNS = 1
+ EnableNAT = 1
+ */
+
+
+ VpnAccountData::ConnectionType ConnType = VpnAccountData::cisco;
+ QString ProfileName = QFileInfo ( f->name().stripWhiteSpace().remove(".pcf").remove(".PCF") ).fileName();
+ acc = new VpnAccountData ( ConnType, Utils(this->GlobalConfig).removeSpecialCharsForFilename( ProfileName ));
+
+ QString Description = config.readEntry( "Description", "" );
+
+ if (Description.isEmpty())
+ Description = config.readEntry("!Description",i18n("Profile imported from file %1.").arg(filename));
+
+ if (!Description.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: description found: %1").arg(Description), GlobalConfig->debug);
+ acc->setDescription( Description );
+ }
+
+
+ QString Gateway = config.readEntry( "Host", "" );
+
+ if (Gateway.isEmpty())
+ Gateway = config.readEntry( "!Host", "" );
+
+ if (!Gateway.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: gateway found: %1").arg(Gateway), GlobalConfig->debug);
+ acc->setGateway( Gateway );
+ }
+
+ bool useApplicationVersion = false;
+ acc->setUseApplicationVersion( useApplicationVersion );
+
+ bool enableBackup = config.readBoolEntry( "EnableBackup" , FALSE );
+ QString BackupServer = config.readEntry( "BackupServer", "" );
+
+ QString GroupName = config.readEntry( "GroupName" , "" );
+
+ if (GroupName.isEmpty())
+ GroupName = config.readEntry( "!GroupName", "" );
+
+ if (GroupName.isEmpty())
+ GroupName = "importedProfile";
+
+ if (!GroupName.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: group name found: %1").arg(GroupName), GlobalConfig->debug);
+ acc->setID( GroupName );
+ }
+
+ QString NtDomain = config.readEntry( "NTDomain" );
+ if (NtDomain.isEmpty())
+ NtDomain = config.readEntry( "!NTDomain", "" );
+
+ if (!NtDomain.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: NT domain found: %1").arg(NtDomain), GlobalConfig->debug);
+ acc->setNtDomainName( NtDomain );
+ }
+
+ bool enableMSLogon = config.readBoolEntry( "EnableMSLogon", FALSE );
+ bool useNtDomainName = false;
+
+ if ( enableMSLogon && !NtDomain.isEmpty() )
+ useNtDomainName = true;
+
+ QString CertName = config.readEntry( "CertName", "" );
+
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: certificate name found: %1").arg(CertName), GlobalConfig->debug);
+
+ QString CertPath = config.readEntry( "CertPath", "" );
+ QString CertSubjectName = config.readEntry( "CertSubjectName", "" );
+ QString CertSerialHash = config.readEntry( "CertSerialHash", "" );
+ // bool SendCertChain = config.readBoolEntry( "SendCertChain" , "" );
+ // bool VerifyCertDN = config.readBoolEntry( "VerifyCertDN", FALSE );
+
+ /*
+ 0 = default, none
+ 1 = Cisco
+ */
+ bool useCertStore=false;
+ int CertStore = config.readNumEntry( "CertStore", -1 );
+ if (CertStore == 1)
+ useCertStore = true;
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: certificate should be stored into cisco cert store: %1").arg(QString().setNum(int(useCertStore))), GlobalConfig->debug);
+
+ if (useCertStore)
+ {
+ // we have to import into the store
+ if (!CertName.isEmpty())
+ {
+ bool CertPathFound = false;
+ QString CertFullPath = CertName;
+ if (!QFile(CertFullPath).exists())
+ {
+ CertFullPath = CertPath+"/"+CertName;
+ if (!QFile(CertFullPath).exists())
+ {
+ GlobalConfig->appendLogEntry(i18n("Cisco certificate import: cert not found, skipping."), GlobalConfig->error);
+ }
+ else
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("Cisco certificate import: cert found at current path."), GlobalConfig->debug);
+ CertPathFound = true;
+ }
+ }
+ else
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("Cisco certificate import: cert found at cert path."), GlobalConfig->debug);
+ CertPathFound = true;
+
+ }
+ if (CertPathFound)
+ {
+ QStringList OldCiscoCerts = Utils(GlobalConfig).getCertsFromCiscoCertStore();
+ ImportCertificateDialog dlg( this, i18n( "Import certificate..." ).ascii(), GlobalConfig );
+ dlg.main->FilenameUrlrequester->setURL(CertFullPath);
+ dlg.main->ImporttypeComboBox->setCurrentItem(dlg.ciscouserca); // import user and ca cert
+ int result = dlg.exec();
+ if (result == QDialog::Accepted)
+ {
+ acc->setUseCiscoCertStore(true);
+ QStringList CiscoCerts = Utils(GlobalConfig).getCertsFromCiscoCertStore();
+ for ( QStringList::Iterator ciscoit = CiscoCerts.begin(); ciscoit != CiscoCerts.end(); ++ciscoit )
+ {
+ if (OldCiscoCerts.findIndex(QString(*ciscoit)) < 1 )
+ {
+ // if it was not in list, then its the new added one.
+ acc->setX509Certificate(*ciscoit);
+ break;
+ }
+ }
+ }
+ }
+ }
+ }
+ {
+ acc->setX509Certificate(CertName);
+ acc->setCertPath(CertPath);
+ }
+
+
+ int TcpTunnelingPort = config.readNumEntry( "TcpTunnelingPort", 10000 ); //std::cout << "tunneling port: " << TunnelingPort << std::endl;
+ /*
+ 0, the default, specifies IPSec over UDP for NAT transparency
+ 1 specifies IPSec over TCP for NAT transparency
+ */
+ bool useUdp = config.readBoolEntry( "TunnelingMode", 0 );
+ acc->setUseUdp( useUdp );
+
+ int LocalPort=10000;
+ bool useLocalPort = false;
+ if (TcpTunnelingPort != 10000)
+ useLocalPort = true;
+
+ if (useLocalPort && useUdp == false)
+ {
+ acc->setLocalPort(LocalPort);
+ acc->setUseLocalPort(true);
+ }
+
+
+ // bool ForceKeepAlives = config.readBoolEntry( "ForceKeepAlives", FALSE );
+
+ // bool EnableLocalLAN = config.readBoolEntry( "EnableLocalLAN", FALSE ); // nur auslesen aber immer aus :)
+ // bool EnableSplitDNS = config.readBoolEntry( "EnableSplitDNS", FALSE );
+
+
+ if (useUdp == false)
+ {
+ // vpnc does not support TCP :(
+ acc->setConnectionType(VpnAccountData::cisco);
+ }
+ if (useUdp)
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: using %1 for tunneling").arg("UDP"), GlobalConfig->debug);
+ acc->setUseUdp( true);
+ }
+ else
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: using %1 for tunneling").arg("TCP"), GlobalConfig->debug);
+ acc->setUseUdp( false);
+ }
+ /*
+ 0, the default, disables IPSec through NAT mode
+ 1 enables IPSec through NAT mode
+ */
+ bool enableNAT = config.readNumEntry("EnableNat", false);
+ if (enableNAT)
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: enable NAT mode: %1").arg(i18n("yes")), GlobalConfig->debug);
+ acc->setUseNat(true);
+ }
+ else
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: enable NAT mode: %1").arg(i18n("no")), GlobalConfig->debug);
+ acc->setUseNat(false);
+ }
+
+ bool useUdpPort= true;
+
+
+// if ( TunnelingPort != 10000 )
+// {
+// useUdp=true; //FIXME: is this right? I guess its only on udp
+// useUdpPort = true;
+// }
+
+ QString PerfectForwardSecrecy = ""; //QString("dh"+QString().setNum(DHGroup));
+ // bool usePerfectForwardSecrety = false;
+ bool usePerfectSecrecy = false;
+ acc->setPerfectForwardSecrety( PerfectForwardSecrecy );
+ acc->setUsePerfectForwardSecrety( usePerfectSecrecy );
+ bool useIkeGroup = false;
+ QString IkeGroup;
+ int DHGroup = config.readNumEntry( "DHGroup", -1 );
+ if (DHGroup != -1 )
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: Diffie Hellman group found: %1").arg(QString().setNum(DHGroup)), GlobalConfig->debug);
+ IkeGroup = "dh" + QString().setNum( DHGroup ) ;
+ useIkeGroup = true;
+ acc->setIkeGroup( IkeGroup );
+ }
+
+ int PeerTimeout = config.readNumEntry( "PeerTimeout", -1 );
+ if (PeerTimeout > -1 )
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: peer timeout found: %1").arg(QString().setNum(PeerTimeout)), GlobalConfig->debug);
+ // read minutes but store seconds
+ acc->setPeerTimeout( PeerTimeout*60 );
+ }
+
+ QString Username = config.readEntry( "Username" , "" );
+ if (!Username.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: user name found: %1").arg(Username), GlobalConfig->debug);
+ acc->setUserName( Username );
+ }
+
+ QString UserPassword = config.readEntry( "UserPassword", "" );
+ if (UserPassword.isEmpty())
+ UserPassword = config.readEntry( "!UserPassword", "" );
+
+ if (!UserPassword.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: clear text user password found: %1").arg(UserPassword), GlobalConfig->debug);
+ acc->setUserPassword( UserPassword );
+ }
+
+ QString enc_UserPassword = config.readEntry( "enc_UserPassword", "" );
+ if (enc_UserPassword.isEmpty())
+ enc_UserPassword = config.readEntry( "!enc_UserPassword", "" );
+
+ if (!enc_UserPassword.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ GlobalConfig->appendLogEntry(i18n("PCF import: encrypted user password found: %1").arg(enc_UserPassword), GlobalConfig->debug);
+ }
+
+ CiscoPasswdDecoder dec (filename);
+ QString userpasswd="";
+ QString grouppasswd="";
+ dec.decodePasswords(userpasswd,grouppasswd);
+
+ // std::cout << "decoded userpasswd: " << userpasswd << std::endl;
+ // std::cout << "decoded grouppasswd: " << grouppasswd << std::endl;
+
+ bool saveUserPassword = config.readBoolEntry( "SaveUserPassword", FALSE );
+
+ if (saveUserPassword == false)
+ config.readBoolEntry( "!SaveUserPassword", FALSE );
+
+ if ( UserPassword.isEmpty() && userpasswd.isEmpty() )
+ saveUserPassword = false;
+
+ if (!userpasswd.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 3)
+ GlobalConfig->appendLogEntry(i18n("PCF import: decrypted user password found: %1").arg(userpasswd), GlobalConfig->debug);
+ acc->setUserPassword( userpasswd );
+ }
+
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ if (saveUserPassword)
+ GlobalConfig->appendLogEntry(i18n("PCF import: save user pass : %1").arg(i18n("yes")), GlobalConfig->debug);
+ else
+ GlobalConfig->appendLogEntry(i18n("PCF import: save user pass : %1").arg(i18n("no")), GlobalConfig->debug);
+ acc->setSaveUserPassword( saveUserPassword );
+
+ bool saveGroupPwd = true;
+ QString GroupPwd = config.readEntry( "GroupPwd" , "" );
+ if (GroupPwd.isEmpty())
+ GroupPwd = config.readEntry( "!GroupPwd", "" );
+
+ if (!GroupPwd.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 3)
+ GlobalConfig->appendLogEntry(i18n("PCF import: clear text group password found: %1").arg(GroupPwd), GlobalConfig->debug);
+ acc->setPreSharedKey( GroupPwd );
+ }
+
+ QString enc_GroupPwd = config.readEntry( "enc_GroupPwd", "" );
+
+ if (enc_GroupPwd.isEmpty())
+ enc_GroupPwd = config.readEntry( "!enc_GroupPwd", "" );
+
+ if (!grouppasswd.isEmpty())
+ {
+ if (GlobalConfig->KvpncDebugLevel > 3)
+ GlobalConfig->appendLogEntry(i18n("PCF import: decrypted group password found: %1").arg(grouppasswd), GlobalConfig->debug);
+ acc->setPreSharedKey( grouppasswd );
+ }
+
+ if ( GroupPwd.isEmpty() && grouppasswd.isEmpty())
+ saveGroupPwd = false;
+ acc->setSavePsk( saveGroupPwd );
+
+ if ( Description.isEmpty() )
+ {
+ Description = ( QUrl( filename ).fileName() );
+ Description = Utils(this->GlobalConfig).removeSpecialCharsForFilename( Description.left( filename.section('/',-1).length() - 4 ));
+ }
+
+ if ( GroupName.isEmpty() )
+ {
+ GroupName = Utils(this->GlobalConfig).removeSpecialCharsForFilename( GroupName.left( filename.section('/',-1).length() - 4 ));
+ }
+
+ /*
+ AuthType=
+ The authentication type of the user:
+ 1 = Pre-shared keys (default)
+ 3 = Digital Certificate using an RSA signature.
+ 5 = Mutual authentication (hybrid)
+ */
+ int AuthType = config.readNumEntry( "AuthType" , -1 );
+
+ if (AuthType==-1)
+ AuthType = config.readNumEntry( "!AuthType", -1 );
+
+ if (GlobalConfig->KvpncDebugLevel > 0)
+ if (AuthType ==1)
+ GlobalConfig->appendLogEntry(i18n("PCF import: authentication type found: %1").arg(i18n("PSK")), GlobalConfig->debug);
+ else if (AuthType ==3)
+ GlobalConfig->appendLogEntry(i18n("PCF import: authentication type found: %1").arg(i18n("certificate")), GlobalConfig->debug);
+ else if (AuthType ==5)
+ GlobalConfig->appendLogEntry(i18n("PCF import: authentication type found: %1").arg(i18n("hybrid")), GlobalConfig->debug);
+ else
+ GlobalConfig->appendLogEntry(i18n("PCF import: no authentication type found, assuming %1").arg(i18n("PSK")), GlobalConfig->debug);
+
+ if (AuthType == 3 || AuthType == 5)
+ {
+ // vpnc has no cert support :(
+ acc->setConnectionType (VpnAccountData::ciscoorig);
+ acc->setAuthType( VpnAccountData::cert);
+
+ if (!CertName.isEmpty())
+ acc->setX509Certificate(CertName);
+ }
+ else if (AuthType == 1 )
+ acc->setAuthType( VpnAccountData::psk);
+ else
+ acc->setAuthType( VpnAccountData::psk);
+
+ bool useGlobalIpsecSecret = false;
+ acc->setUseGlobalIpsecSecret( useGlobalIpsecSecret );
+
+ bool useSingleDes = false;
+ acc->setUseSingleDes( useSingleDes );
+
+ //acc->setUseAdvancedSettings( useAdvancedSettings );
+ acc->setUseAdvancedSettings( true );
+
+ /*
+ std::cout << Description
+ std::cout << Gateway
+ std::cout << AuthType
+ std::cout << GroupName
+ std::cout << GroupPwd
+ std::cout << enc_GroupPwd
+ std::cout << Username
+ std::cout << saveUserPassword
+ std::cout << UserPassword
+ std::cout << NtDomain
+ std::cout << bool enableBackup
+ std::cout << BackupServer
+ std::cout << bool enableMSLogon
+ std::cout << TunnelingMode
+ std::cout << TunnelingPort
+ std::cout << CertStore
+ std::cout << CertName
+ std::cout << CertPath
+ std::cout << CertSubjectName
+ std::cout << CertSerialHash
+ std::cout << SendCertChain
+ std::cout << VerifyCertDN
+ std::cout << DHGroup
+ std::cout << ForceKeepAlives
+ std::cout << PeerTimeout
+ std::cout << EnableLocalLAN
+ std::cout << EnableSplitDNS
+ std::cout << saveGroupPwd
+ std::cout << usePerfectSecrecy
+ std::cout << useSingleDes
+ std::cout << useLocalPort
+ std::cout << useNtDomainName
+ std::cout << useLocalPort
+ std::cout << IkeGroup
+ std::cout << PerfectForwardSecrecy
+ std::cout << useAdvancedSettings
+ */
+ /*
+ acc.setName( Description );
+ acc.setGateway( Gateway );
+ acc.setID( GroupName );
+ acc.setGroupPassword( GroupPwd );
+ acc.setUserName( Username );
+ acc.setUserPassword( UserPassword );
+ acc.setSaveUserPassword( saveUserPassword );
+ acc.setSaveGroupPassword( true );
+ //acc.setIkeGroup( QString IkeGroup );
+ acc.setPerfectForwardSecrety( QString PerfectForwardSecrecy );
+ acc.setNtDomainName( QString Name );
+ acc.setApplicationVersion( QString version );
+ acc.setUseSingleDes( bool useSingleDes );
+ acc.setLocalPort( int port );
+ acc.setUseIkeGroup( bool useIkeGroup);
+ acc.setUsePerfectForwardSecrety(bool usePerfectForwardSecrety);
+ acc.setUseNtDomainName(bool useNtDomainName);
+ acc.setUseApplicationVersion(bool useApplicationVersion);
+ acc.setUseLocalPort(bool useLocalPort);
+ acc.setUseAdvancedSettings(bool useAdvancedSettings);
+ acc.setUseGlobalIpsecSecret(bool useGlobalIpsecSecret);
+ */
+ importOk = true;
+ //std::cout << "accept" << std::endl;
+ QDialog::accept();
+}
+
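Review bot: canAccept() writes the imported secrets into the application log: the clear-text `UserPassword` and the `enc_UserPassword` value are passed to `appendLogEntry` whenever `KvpncDebugLevel > 0`, and the decoded user password, `GroupPwd` and the decoded group password are logged at level > 3. The `enc_` value is no safer to log than the plain one, because this same function recovers it with `CiscoPasswdDecoder::decodePasswords`. I would record only that a value was present, e.g. `GlobalConfig->appendLogEntry(i18n("PCF import: clear text user password found"), GlobalConfig->debug);`, and do the same for the other four messages. Separately, the bare `{` block after the `if (useCertStore)` body looks like it lost its `else`, so `acc->setX509Certificate(CertName)` always overwrites the certificate selected from the Cisco store.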