Attachment #392270 for bug #532294

View | Details | Raw Unified | Return to bug 532294
Collapse All | Expand All

Line Link Here

(-)file_not_specified_in_diff (-23 / +59 lines)
0	--	0	++ b/vpn/openconnect/CMakeLists.txt
1	--
2	-- a/vpn/openconnect/CMakeLists.txt
Lines 15-20 Link Here
15		15
16	if (${OPENCONNECT_VERSION} VERSION_GREATER ${MINIMUM_OPENCONNECT_VERSION_REQUIRED} OR	16	if (${OPENCONNECT_VERSION} VERSION_GREATER ${MINIMUM_OPENCONNECT_VERSION_REQUIRED} OR
17	${OPENCONNECT_VERSION} VERSION_EQUAL ${MINIMUM_OPENCONNECT_VERSION_REQUIRED})	17	${OPENCONNECT_VERSION} VERSION_EQUAL ${MINIMUM_OPENCONNECT_VERSION_REQUIRED})
		18
		19	include_directories(${OPENCONNECT_INCLUDE_DIRS})
18		20
19	set(openconnect_SRCS	21	set(openconnect_SRCS
20	openconnectui.cpp	22	openconnectui.cpp
21	-- a/vpn/openconnect/openconnectauth.cpp	23	++ b/vpn/openconnect/openconnectauth.cpp
Lines 161-167 Link Here
161	}	161	}
162	if (!dataMap[NM_OPENCONNECT_KEY_CACERT].isEmpty()) {	162	if (!dataMap[NM_OPENCONNECT_KEY_CACERT].isEmpty()) {
163	const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_CACERT]);	163	const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_CACERT]);
164	openconnect_set_cafile(d->vpninfo, strdup(crt.data()));	164	openconnect_set_cafile(d->vpninfo, OC3DUP(crt.data()));
165	}	165	}
166	if (dataMap[NM_OPENCONNECT_KEY_CSD_ENABLE] == "yes") {	166	if (dataMap[NM_OPENCONNECT_KEY_CSD_ENABLE] == "yes") {
167	char *wrapper;	167	char *wrapper;
Lines 174-185 Link Here
174	}	174	}
175	if (!dataMap[NM_OPENCONNECT_KEY_PROXY].isEmpty()) {	175	if (!dataMap[NM_OPENCONNECT_KEY_PROXY].isEmpty()) {
176	const QByteArray proxy = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PROXY]);	176	const QByteArray proxy = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PROXY]);
177	openconnect_set_http_proxy(d->vpninfo, strdup(proxy.data()));	177	openconnect_set_http_proxy(d->vpninfo, OC3DUP(proxy.data()));
178	}	178	}
179	if (!dataMap[NM_OPENCONNECT_KEY_USERCERT].isEmpty()) {	179	if (!dataMap[NM_OPENCONNECT_KEY_USERCERT].isEmpty()) {
180	const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_USERCERT]);	180	const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_USERCERT]);
181	const QByteArray key = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PRIVKEY]);	181	const QByteArray key = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PRIVKEY]);
182	openconnect_set_client_cert (d->vpninfo, strdup(crt.data()), strdup(key.data()));	182	openconnect_set_client_cert (d->vpninfo, OC3DUP(crt.data()), OC3DUP(key.data()));
183		183
184	if (!crt.isEmpty() && dataMap[NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID] == "yes") {	184	if (!crt.isEmpty() && dataMap[NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID] == "yes") {
185	openconnect_passphrase_from_fsid(d->vpninfo);	185	openconnect_passphrase_from_fsid(d->vpninfo);
Lines 276-285 Link Here
276	const VPNHost &host = d->hosts.at(i);	276	const VPNHost &host = d->hosts.at(i);
277	if (openconnect_parse_url(d->vpninfo, host.address.toAscii().data())) {	277	if (openconnect_parse_url(d->vpninfo, host.address.toAscii().data())) {
278	kWarning() << "Failed to parse server URL" << host.address;	278	kWarning() << "Failed to parse server URL" << host.address;
279	openconnect_set_hostname(d->vpninfo, strdup(host.address.toAscii().data()));	279	openconnect_set_hostname(d->vpninfo, OC3DUP(host.address.toAscii().data()));
280	}	280	}
281	if (!openconnect_get_urlpath(d->vpninfo) && !host.group.isEmpty())	281	if (!openconnect_get_urlpath(d->vpninfo) && !host.group.isEmpty())
282	openconnect_set_urlpath(d->vpninfo, strdup(host.group.toAscii().data()));	282	openconnect_set_urlpath(d->vpninfo, OC3DUP(host.group.toAscii().data()));
283	d->secrets["lasthost"] = host.name;	283	d->secrets["lasthost"] = host.name;
284	addFormInfo(QLatin1String("dialog-information"), i18n("Contacting host, please wait..."));	284	addFormInfo(QLatin1String("dialog-information"), i18n("Contacting host, please wait..."));
285	d->worker->start();	285	d->worker->start();
Lines 301-309 Link Here
301	secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_COOKIE), QLatin1String(openconnect_get_cookie(d->vpninfo)));	301	secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_COOKIE), QLatin1String(openconnect_get_cookie(d->vpninfo)));
302	openconnect_clear_cookie(d->vpninfo);	302	openconnect_clear_cookie(d->vpninfo);
303		303
		304	#if OPENCONNECT_CHECK_VER(5,0)
		305	const char *fingerprint = openconnect_get_peer_cert_hash(d->vpninfo);
		306	#else
304	OPENCONNECT_X509 *cert = openconnect_get_peer_cert(d->vpninfo);	307	OPENCONNECT_X509 *cert = openconnect_get_peer_cert(d->vpninfo);
305	char fingerprint[41];	308	char fingerprint[41];
306	openconnect_get_cert_sha1(d->vpninfo, cert, fingerprint);	309	openconnect_get_cert_sha1(d->vpninfo, cert, fingerprint);
		310	#endif
307	secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_GWCERT), QLatin1String(fingerprint));	311	secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_GWCERT), QLatin1String(fingerprint));
308	secrets.insert(QLatin1String("certsigs"), d->certificateFingerprints.join("\t"));	312	secrets.insert(QLatin1String("certsigs"), d->certificateFingerprints.join("\t"));
309	secrets.insert(QLatin1String("autoconnect"), d->ui.chkAutoconnect->isChecked() ? "yes" : "no");	313	secrets.insert(QLatin1String("autoconnect"), d->ui.chkAutoconnect->isChecked() ? "yes" : "no");
Lines 578-591 Link Here
578	if (opt->type == OC_FORM_OPT_PASSWORD \|\| opt->type == OC_FORM_OPT_TEXT) {	582	if (opt->type == OC_FORM_OPT_PASSWORD \|\| opt->type == OC_FORM_OPT_TEXT) {
579	KLineEdit le = qobject_cast<KLineEdit>(widget);	583	KLineEdit le = qobject_cast<KLineEdit>(widget);
580	QByteArray text = le->text().toUtf8();	584	QByteArray text = le->text().toUtf8();
581	opt->value = strdup(text.data());	585	openconnect_set_option_value(opt, text.data());
582	if (opt->type == OC_FORM_OPT_TEXT) {	586	if (opt->type == OC_FORM_OPT_TEXT) {
583	d->secrets.insert(key,le->text());	587	d->secrets.insert(key,le->text());
584	}	588	}
585	} else if (opt->type == OC_FORM_OPT_SELECT) {	589	} else if (opt->type == OC_FORM_OPT_SELECT) {
586	KComboBox cbo = qobject_cast<KComboBox>(widget);	590	KComboBox cbo = qobject_cast<KComboBox>(widget);
587	QByteArray text = cbo->itemData(cbo->currentIndex()).toString().toAscii();	591	QByteArray text = cbo->itemData(cbo->currentIndex()).toString().toAscii();
588	opt->value = strdup(text.data());	592	openconnect_set_option_value(opt, text.data());
589	d->secrets.insert(key,cbo->itemData(cbo->currentIndex()).toString());	593	d->secrets.insert(key,cbo->itemData(cbo->currentIndex()).toString());
590	}	594	}
591	}	595	}
592	-- a/vpn/openconnect/openconnectauthworkerthread.cpp	596	++ b/vpn/openconnect/openconnectauthworkerthread.cpp
Lines 43-48 Link Here
43	class OpenconnectAuthStaticWrapper	43	class OpenconnectAuthStaticWrapper
44	{	44	{
45	public:	45	public:
		46	#if OPENCONNECT_CHECK_VER(5,0)
		47	static int writeNewConfig(void obj, const char str, int num)
		48	{
		49	if (obj)
		50	return static_cast<OpenconnectAuthWorkerThread*>(obj)->writeNewConfig(str, num);
		51	return -1;
		52	}
		53	static int validatePeerCert(void obj, const char str)
		54	{
		55	if (obj)
		56	return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(NULL, str);
		57	return -1;
		58	}
		59	#else
46	static int writeNewConfig(void obj, char str, int num)	60	static int writeNewConfig(void obj, char str, int num)
47	{	61	{
48	if (obj)	62	if (obj)
Lines 55-61 Link Here
55	return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(cert, str);	69	return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(cert, str);
56	return -1;	70	return -1;
57	}	71	}
58	static int processAuthForm(void obj, struct oc_auth_form form)	72	#endif
		73	static int processAuthForm(void obj, struct oc_auth_form form)
59	{	74	{
60	if (obj)	75	if (obj)
61	return static_cast<OpenconnectAuthWorkerThread*>(obj)->processAuthFormP(form);	76	return static_cast<OpenconnectAuthWorkerThread*>(obj)->processAuthFormP(form);
Lines 108-114 Link Here
108	return m_openconnectInfo;	123	return m_openconnectInfo;
109	}	124	}
110		125
111	int OpenconnectAuthWorkerThread::writeNewConfig(char *buf, int buflen)	126	int OpenconnectAuthWorkerThread::writeNewConfig(const char *buf, int buflen)
112	{	127	{
113	Q_UNUSED(buflen)	128	Q_UNUSED(buflen)
114	if (*m_userDecidedToQuit)	129	if (*m_userDecidedToQuit)
Lines 139-148 Link Here
139	}	154	}
140	#endif	155	#endif
141		156
142	int OpenconnectAuthWorkerThread::validatePeerCert(OPENCONNECT_X509 cert, const char reason)	157	int OpenconnectAuthWorkerThread::validatePeerCert(void cert, const char reason)
143	{	158	{
144	if (*m_userDecidedToQuit)	159	if (*m_userDecidedToQuit)
145	return -EINVAL;	160	return -EINVAL;
		161
		162	#if OPENCONNECT_CHECK_VER(5,0)
		163	(void)cert;
		164	const char *fingerprint = openconnect_get_peer_cert_hash(m_openconnectInfo);
		165	char *details = openconnect_get_peer_cert_details(m_openconnectInfo);
		166	#else
146	char fingerprint[41];	167	char fingerprint[41];
147	int ret = 0;	168	int ret = 0;
148		169
Lines 151-157 Link Here
151	return ret;	172	return ret;
152		173
153	char *details = openconnect_get_cert_details(m_openconnectInfo, cert);	174	char *details = openconnect_get_cert_details(m_openconnectInfo, cert);
154		175	#endif
155	bool accepted = false;	176	bool accepted = false;
156	m_mutex->lock();	177	m_mutex->lock();
157	QString qFingerprint(fingerprint);	178	QString qFingerprint(fingerprint);
Lines 160-166 Link Here
160	emit validatePeerCert(qFingerprint, qCertinfo, qReason, &accepted);	181	emit validatePeerCert(qFingerprint, qCertinfo, qReason, &accepted);
161	m_waitForUserInput->wait(m_mutex);	182	m_waitForUserInput->wait(m_mutex);
162	m_mutex->unlock();	183	m_mutex->unlock();
163	::free(details);	184	openconnect_free_cert_info(m_openconnectInfo, details);
164	if (*m_userDecidedToQuit)	185	if (*m_userDecidedToQuit)
165	return -EINVAL;	186	return -EINVAL;
166		187
167	-- a/vpn/openconnect/openconnectauthworkerthread.h	188	++ b/vpn/openconnect/openconnectauthworkerthread.h
Lines 59-64 Link Here
59	#define OC_FORM_RESULT_NEWGROUP 2	59	#define OC_FORM_RESULT_NEWGROUP 2
60	#endif	60	#endif
61		61
		62	#if OPENCONNECT_CHECK_VER(4,0)
		63	#define OC3DUP(x) (x)
		64	#else
		65	#define openconnect_set_option_value(opt, val) do { \
		66	struct oc_form_opt *_o = (opt); \
		67	free(_o->value); _o->value = strdup(val); \
		68	} while (0)
		69	#define openconnect_free_cert_info(v, x) ::free(x)
		70	#define OC3DUP(x) strdup(x)
		71	#endif
		72
62	#include <QThread>	73	#include <QThread>
63		74
64	class QMutex;	75	class QMutex;
Lines 85-92 Link Here
85	void run();	96	void run();
86		97
87	private:	98	private:
88	int writeNewConfig(char *, int);	99	int writeNewConfig(const char *, int);
89	int validatePeerCert(OPENCONNECT_X509 , const char );	100	int validatePeerCert(void , const char );
90	int processAuthFormP(struct oc_auth_form *);	101	int processAuthFormP(struct oc_auth_form *);
91	void writeProgress(int level, const char *, va_list);	102	void writeProgress(int level, const char *, va_list);
92		103

Return to bug 532294