
(-)file_not_specified_in_diff (-23 / +59 lines)
0
--
0
++ b/vpn/openconnect/CMakeLists.txt
1
--
2
-- a/vpn/openconnect/CMakeLists.txt
Lines 15-20 Link Here
15
15
16
    if (${OPENCONNECT_VERSION} VERSION_GREATER ${MINIMUM_OPENCONNECT_VERSION_REQUIRED} OR
16
    if (${OPENCONNECT_VERSION} VERSION_GREATER ${MINIMUM_OPENCONNECT_VERSION_REQUIRED} OR
17
        ${OPENCONNECT_VERSION} VERSION_EQUAL ${MINIMUM_OPENCONNECT_VERSION_REQUIRED})
17
        ${OPENCONNECT_VERSION} VERSION_EQUAL ${MINIMUM_OPENCONNECT_VERSION_REQUIRED})
18
19
        include_directories(${OPENCONNECT_INCLUDE_DIRS})
18
20
19
        set(openconnect_SRCS
21
        set(openconnect_SRCS
20
        openconnectui.cpp
22
        openconnectui.cpp
21
-- a/vpn/openconnect/openconnectauth.cpp
23
++ b/vpn/openconnect/openconnectauth.cpp
Lines 161-167 Link Here
161
    }
161
    }
162
    if (!dataMap[NM_OPENCONNECT_KEY_CACERT].isEmpty()) {
162
    if (!dataMap[NM_OPENCONNECT_KEY_CACERT].isEmpty()) {
163
        const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_CACERT]);
163
        const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_CACERT]);
164
        openconnect_set_cafile(d->vpninfo, strdup(crt.data()));
164
        openconnect_set_cafile(d->vpninfo, OC3DUP(crt.data()));
165
    }
165
    }
166
    if (dataMap[NM_OPENCONNECT_KEY_CSD_ENABLE] == "yes") {
166
    if (dataMap[NM_OPENCONNECT_KEY_CSD_ENABLE] == "yes") {
167
        char *wrapper;
167
        char *wrapper;
Lines 174-185 Link Here
174
    }
174
    }
175
    if (!dataMap[NM_OPENCONNECT_KEY_PROXY].isEmpty()) {
175
    if (!dataMap[NM_OPENCONNECT_KEY_PROXY].isEmpty()) {
176
        const QByteArray proxy = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PROXY]);
176
        const QByteArray proxy = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PROXY]);
177
        openconnect_set_http_proxy(d->vpninfo, strdup(proxy.data()));
177
        openconnect_set_http_proxy(d->vpninfo, OC3DUP(proxy.data()));
178
    }
178
    }
179
    if (!dataMap[NM_OPENCONNECT_KEY_USERCERT].isEmpty()) {
179
    if (!dataMap[NM_OPENCONNECT_KEY_USERCERT].isEmpty()) {
180
        const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_USERCERT]);
180
        const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_USERCERT]);
181
        const QByteArray key = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PRIVKEY]);
181
        const QByteArray key = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PRIVKEY]);
182
        openconnect_set_client_cert (d->vpninfo, strdup(crt.data()), strdup(key.data()));
182
        openconnect_set_client_cert (d->vpninfo, OC3DUP(crt.data()), OC3DUP(key.data()));
183
183
184
        if (!crt.isEmpty() && dataMap[NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID] == "yes") {
184
        if (!crt.isEmpty() && dataMap[NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID] == "yes") {
185
            openconnect_passphrase_from_fsid(d->vpninfo);
185
            openconnect_passphrase_from_fsid(d->vpninfo);
Lines 276-285 Link Here
276
    const VPNHost &host = d->hosts.at(i);
276
    const VPNHost &host = d->hosts.at(i);
277
    if (openconnect_parse_url(d->vpninfo, host.address.toAscii().data())) {
277
    if (openconnect_parse_url(d->vpninfo, host.address.toAscii().data())) {
278
        kWarning() << "Failed to parse server URL" << host.address;
278
        kWarning() << "Failed to parse server URL" << host.address;
279
        openconnect_set_hostname(d->vpninfo, strdup(host.address.toAscii().data()));
279
        openconnect_set_hostname(d->vpninfo, OC3DUP(host.address.toAscii().data()));
280
    }
280
    }
281
    if (!openconnect_get_urlpath(d->vpninfo) && !host.group.isEmpty())
281
    if (!openconnect_get_urlpath(d->vpninfo) && !host.group.isEmpty())
282
        openconnect_set_urlpath(d->vpninfo, strdup(host.group.toAscii().data()));
282
        openconnect_set_urlpath(d->vpninfo, OC3DUP(host.group.toAscii().data()));
283
    d->secrets["lasthost"] = host.name;
283
    d->secrets["lasthost"] = host.name;
284
    addFormInfo(QLatin1String("dialog-information"), i18n("Contacting host, please wait..."));
284
    addFormInfo(QLatin1String("dialog-information"), i18n("Contacting host, please wait..."));
285
    d->worker->start();
285
    d->worker->start();
Lines 301-309 Link Here
301
    secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_COOKIE), QLatin1String(openconnect_get_cookie(d->vpninfo)));
301
    secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_COOKIE), QLatin1String(openconnect_get_cookie(d->vpninfo)));
302
    openconnect_clear_cookie(d->vpninfo);
302
    openconnect_clear_cookie(d->vpninfo);
303
303
304
#if OPENCONNECT_CHECK_VER(5,0)
305
    const char *fingerprint = openconnect_get_peer_cert_hash(d->vpninfo);
306
#else
304
    OPENCONNECT_X509 *cert = openconnect_get_peer_cert(d->vpninfo);
307
    OPENCONNECT_X509 *cert = openconnect_get_peer_cert(d->vpninfo);
305
    char fingerprint[41];
308
    char fingerprint[41];
306
    openconnect_get_cert_sha1(d->vpninfo, cert, fingerprint);
309
    openconnect_get_cert_sha1(d->vpninfo, cert, fingerprint);
310
#endif
307
    secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_GWCERT), QLatin1String(fingerprint));
311
    secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_GWCERT), QLatin1String(fingerprint));
308
    secrets.insert(QLatin1String("certsigs"), d->certificateFingerprints.join("\t"));
312
    secrets.insert(QLatin1String("certsigs"), d->certificateFingerprints.join("\t"));
309
    secrets.insert(QLatin1String("autoconnect"), d->ui.chkAutoconnect->isChecked() ? "yes" : "no");
313
    secrets.insert(QLatin1String("autoconnect"), d->ui.chkAutoconnect->isChecked() ? "yes" : "no");
Lines 578-591 Link Here
578
            if (opt->type == OC_FORM_OPT_PASSWORD || opt->type == OC_FORM_OPT_TEXT) {
582
            if (opt->type == OC_FORM_OPT_PASSWORD || opt->type == OC_FORM_OPT_TEXT) {
579
                KLineEdit *le = qobject_cast<KLineEdit*>(widget);
583
                KLineEdit *le = qobject_cast<KLineEdit*>(widget);
580
                QByteArray text = le->text().toUtf8();
584
                QByteArray text = le->text().toUtf8();
581
                opt->value = strdup(text.data());
585
                openconnect_set_option_value(opt, text.data());
582
                if (opt->type == OC_FORM_OPT_TEXT) {
586
                if (opt->type == OC_FORM_OPT_TEXT) {
583
                    d->secrets.insert(key,le->text());
587
                    d->secrets.insert(key,le->text());
584
                }
588
                }
585
            } else if (opt->type == OC_FORM_OPT_SELECT) {
589
            } else if (opt->type == OC_FORM_OPT_SELECT) {
586
                KComboBox *cbo = qobject_cast<KComboBox*>(widget);
590
                KComboBox *cbo = qobject_cast<KComboBox*>(widget);
587
                QByteArray text = cbo->itemData(cbo->currentIndex()).toString().toAscii();
591
                QByteArray text = cbo->itemData(cbo->currentIndex()).toString().toAscii();
588
                opt->value = strdup(text.data());
592
                openconnect_set_option_value(opt, text.data());
589
                d->secrets.insert(key,cbo->itemData(cbo->currentIndex()).toString());
593
                d->secrets.insert(key,cbo->itemData(cbo->currentIndex()).toString());
590
            }
594
            }
591
        }
595
        }
592
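Review bot: The results of the setter calls in the 161-167, 174-185 and 276-285 hunks are discarded. On 4.0+ libraries `OC3DUP(x)` expands to `(x)`, so the library has to make its own copy of each string, and as far as I recall the 4.0+ setters (and `openconnect_set_option_value` in the 578-591 hunk) return an int, so a failed copy would go unnoticed. For `openconnect_set_cafile` that would mean the session carries on without the configured CA file. I would check the result at least there and for `openconnect_set_client_cert`, inside an `#if OPENCONNECT_CHECK_VER(4,0)` guard in case the older setters return nothing: `if (openconnect_set_cafile(d->vpninfo, crt.data())) kWarning() << "Failed to set CA file";`. The enclosing functions start and end outside the hunks shown.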
-- a/vpn/openconnect/openconnectauthworkerthread.cpp
596
++ b/vpn/openconnect/openconnectauthworkerthread.cpp
Lines 43-48 Link Here
43
class OpenconnectAuthStaticWrapper
43
class OpenconnectAuthStaticWrapper
44
{
44
{
45
public:
45
public:
46
#if OPENCONNECT_CHECK_VER(5,0)
47
    static int writeNewConfig(void *obj, const char *str, int num)
48
    {
49
        if (obj)
50
            return static_cast<OpenconnectAuthWorkerThread*>(obj)->writeNewConfig(str, num);
51
        return -1;
52
    }
53
    static int validatePeerCert(void *obj, const char *str)
54
    {
55
        if (obj)
56
            return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(NULL, str);
57
        return -1;
58
    }
59
#else
46
    static int writeNewConfig(void *obj, char *str, int num)
60
    static int writeNewConfig(void *obj, char *str, int num)
47
    {
61
    {
48
        if (obj)
62
        if (obj)
Lines 55-61 Link Here
55
            return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(cert, str);
69
            return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(cert, str);
56
        return -1;
70
        return -1;
57
    }
71
    }
58
    static int processAuthForm(void *obj, struct oc_auth_form *form)
72
#endif
73
	static int processAuthForm(void *obj, struct oc_auth_form *form)
59
    {
74
    {
60
        if (obj)
75
        if (obj)
61
            return static_cast<OpenconnectAuthWorkerThread*>(obj)->processAuthFormP(form);
76
            return static_cast<OpenconnectAuthWorkerThread*>(obj)->processAuthFormP(form);
Lines 108-114 Link Here
108
    return m_openconnectInfo;
123
    return m_openconnectInfo;
109
}
124
}
110
125
111
int OpenconnectAuthWorkerThread::writeNewConfig(char *buf, int buflen)
126
int OpenconnectAuthWorkerThread::writeNewConfig(const char *buf, int buflen)
112
{
127
{
113
    Q_UNUSED(buflen)
128
    Q_UNUSED(buflen)
114
    if (*m_userDecidedToQuit)
129
    if (*m_userDecidedToQuit)
Lines 139-148 Link Here
139
}
154
}
140
#endif
155
#endif
141
156
142
int OpenconnectAuthWorkerThread::validatePeerCert(OPENCONNECT_X509 *cert, const char *reason)
157
int OpenconnectAuthWorkerThread::validatePeerCert(void *cert, const char *reason)
143
{
158
{
144
    if (*m_userDecidedToQuit)
159
    if (*m_userDecidedToQuit)
145
        return -EINVAL;
160
        return -EINVAL;
161
162
#if OPENCONNECT_CHECK_VER(5,0)
163
    (void)cert;
164
    const char *fingerprint = openconnect_get_peer_cert_hash(m_openconnectInfo);
165
    char *details = openconnect_get_peer_cert_details(m_openconnectInfo);
166
#else
146
    char fingerprint[41];
167
    char fingerprint[41];
147
    int ret = 0;
168
    int ret = 0;
148
169
Lines 151-157 Link Here
151
        return ret;
172
        return ret;
152
173
153
    char *details = openconnect_get_cert_details(m_openconnectInfo, cert);
174
    char *details = openconnect_get_cert_details(m_openconnectInfo, cert);
154
175
#endif
155
    bool accepted = false;
176
    bool accepted = false;
156
    m_mutex->lock();
177
    m_mutex->lock();
157
    QString qFingerprint(fingerprint);
178
    QString qFingerprint(fingerprint);
Lines 160-166 Link Here
160
    emit validatePeerCert(qFingerprint, qCertinfo, qReason, &accepted);
181
    emit validatePeerCert(qFingerprint, qCertinfo, qReason, &accepted);
161
    m_waitForUserInput->wait(m_mutex);
182
    m_waitForUserInput->wait(m_mutex);
162
    m_mutex->unlock();
183
    m_mutex->unlock();
163
    ::free(details);
184
    openconnect_free_cert_info(m_openconnectInfo, details);
164
    if (*m_userDecidedToQuit)
185
    if (*m_userDecidedToQuit)
165
        return -EINVAL;
186
        return -EINVAL;
166
187
167
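Review bot: In the `#else` branch of `validatePeerCert`, `cert` is now a `void *` but is still passed unchanged to `openconnect_get_cert_details(m_openconnectInfo, cert)`, and presumably to `openconnect_get_cert_sha1` in the lines between the hunks. If those take an `OPENCONNECT_X509 *`, as the old signature suggests, the pre-5.0 build will likely not compile, because C++ does not convert `void *` implicitly. A cast at the top of that branch would fix it: `OPENCONNECT_X509 *x509 = static_cast<OPENCONNECT_X509 *>(cert);`. In the 5.0 branch, `fingerprint` comes straight from `openconnect_get_peer_cert_hash` and is what the user sees when deciding to accept the certificate; if that call can return NULL the prompt would show an empty fingerprint, so `if (!fingerprint) return -EINVAL;` before building `qFingerprint` seems safer, to be confirmed against the library. The function body continues outside the hunks.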
-- a/vpn/openconnect/openconnectauthworkerthread.h
188
++ b/vpn/openconnect/openconnectauthworkerthread.h
Lines 59-64 Link Here
59
#define OC_FORM_RESULT_NEWGROUP	2
59
#define OC_FORM_RESULT_NEWGROUP	2
60
#endif
60
#endif
61
61
62
#if OPENCONNECT_CHECK_VER(4,0)
63
#define OC3DUP(x)			(x)
64
#else
65
#define openconnect_set_option_value(opt, val) do { \
66
		struct oc_form_opt *_o = (opt);				\
67
		free(_o->value); _o->value = strdup(val);		\
68
	} while (0)
69
#define openconnect_free_cert_info(v, x) ::free(x)
70
#define OC3DUP(x)			strdup(x)
71
#endif
72
62
#include <QThread>
73
#include <QThread>
63
74
64
class QMutex;
75
class QMutex;
Lines 85-92 Link Here
85
    void run();
96
    void run();
86
97
87
private:
98
private:
88
    int writeNewConfig(char *, int);
99
    int writeNewConfig(const char *, int);
89
    int validatePeerCert(OPENCONNECT_X509 *, const char *);
100
    int validatePeerCert(void *, const char *);
90
    int processAuthFormP(struct oc_auth_form *);
101
    int processAuthFormP(struct oc_auth_form *);
91
    void writeProgress(int level, const char *, va_list);
102
    void writeProgress(int level, const char *, va_list);
92
103
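Review bot: The pre-4.0 fallback for `openconnect_set_option_value` is a `do { } while (0)` macro that yields no value and does not check `strdup`, so callers cannot test the result the way they could with the library function, and an allocation failure silently leaves `value` NULL after the old value was already freed. A `static inline` function that returns 0 on success and a negative value on failure would give both library versions the same contract and evaluate its arguments once. The compatibility block would also benefit from a short comment on ownership: before 4.0 the library takes ownership of the duplicated string, from 4.0 on it copies, which is why `OC3DUP` changes meaning. The field type `char *` is inferred from the existing `strdup` assignment.

```cpp
// … unchanged: #if OPENCONNECT_CHECK_VER(4,0) / #define OC3DUP(x) (x) / #else …
// Pre-4.0 fallback: duplicate first, then release the previous value.
static inline int openconnect_set_option_value(struct oc_form_opt *opt, const char *val)
{
    char *copy = strdup(val);
    if (!copy)
        return -ENOMEM;
    free(opt->value);
    opt->value = copy;
    return 0;
}
// … unchanged: openconnect_free_cert_info and OC3DUP fallbacks …
```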
