You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1365 lines
50 KiB
1365 lines
50 KiB
/***************************************************************************
|
|
* Copyright (C) 2004 by Christoph Thielecke *
|
|
* crissi99@gmx.de *
|
|
* *
|
|
* @description This class imports a certificate *
|
|
* *
|
|
* @author Christoph Thielecke <crissi99@gmx.de> *
|
|
* *
|
|
* This program is free software; you can redistribute it and/or modify *
|
|
* it under the terms of the GNU General Public License as published by *
|
|
* the Free Software Foundation; either version 2 of the License, or *
|
|
* (at your option) any later version. *
|
|
* *
|
|
* This program is distributed in the hope that it will be useful, *
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
|
|
* GNU General Public License for more details. *
|
|
* *
|
|
* You should have received a copy of the GNU General Public License *
|
|
* along with this program; if not, write to the *
|
|
* Free Software Foundation, Inc., *
|
|
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
|
|
***************************************************************************/
|
|
//BEGIN includes
|
|
#include "importcertificatedialog.h"
|
|
#include <tdemessagebox.h>
|
|
#include <tdelocale.h>
|
|
#include <kurlrequester.h>
|
|
#include <kpassdlg.h>
|
|
#include <kcombobox.h>
|
|
#include <kdebug.h>
|
|
#include <klineedit.h>
|
|
#include <iostream>
|
|
#include <tqfile.h>
|
|
#include <tqdir.h>
|
|
#include <tqtextstream.h>
|
|
#include <tqcursor.h>
|
|
#include <tqcheckbox.h>
|
|
#include <tqurl.h>
|
|
#include <iostream>
|
|
#include "kvpncconfig.h"
|
|
#include "utils.h"
|
|
//END includes
|
|
|
|
ImportCertificateDialog::ImportCertificateDialog ( TQWidget *parent, const char* caption, KVpncConfig *GlobalConfig )
|
|
: KDialogBase ( parent, i18n ( "Import Certificate" ).ascii(), true, caption,
|
|
KDialogBase::Ok|KDialogBase::Cancel, KDialogBase::Ok, true )
|
|
{
|
|
main = new ImportCertificateDialogBase ( this );
|
|
setMainWidget ( main );
|
|
main->setMinimumSize ( main->sizeHint() );
|
|
|
|
this->GlobalConfig = GlobalConfig;
|
|
filename = "";
|
|
certHash = "";
|
|
CertFullPath="";
|
|
CaCertFullPath="";
|
|
importOk = false;
|
|
importSuccess = true;
|
|
doHash = false;
|
|
doExit=true;
|
|
error_found=false;
|
|
certName = "";
|
|
certpath = "/etc/racoon/certs/";
|
|
pathToOpenSSL = GlobalConfig->pathToOpenssl;
|
|
main->RacoonCertificatePathUrlrequester->setMode ( 2 ); // directory
|
|
main->FilenameUrlrequester->setFilter ( "*" );
|
|
askpasscount=0;
|
|
|
|
env = new TQStringList();
|
|
*env << "LC_ALL=C" << "LANG=C" << "PATH=/bin:/usr/bin:/usr/sbin:/sbin";
|
|
|
|
connect ( main->ImporttypeComboBox, TQT_SIGNAL ( activated ( int ) ), this, TQT_SLOT ( typeToggeled ( int ) ) );
|
|
typeToggeled ( main->ImporttypeComboBox->currentItem() );
|
|
|
|
connect (main->UsePrivateKeyPasswordCheckBox, TQT_SIGNAL( toggled(bool)), this, TQT_SLOT(usePrivateKeyPassToggled(bool)));
|
|
usePrivateKeyPassToggled(main->UsePrivateKeyPasswordCheckBox->isChecked());
|
|
|
|
// TMP
|
|
/*
|
|
main->FilenameUrlrequester->setURL( "/home/crissi/thielecke.p12" );
|
|
//main->RacoonCertificatePathUrlrequester->setURL( "/etc/racoon/certs/" );
|
|
main->ImporttypeComboBox->setCurrentItem( 1 );
|
|
main->PrivateKeyPasswordEdit->setText( "12345678" );
|
|
main->PrivateKeyAgainPasswordEdit->setText( "12345678" );
|
|
*/
|
|
//main->ImportPasswordEdit->setText( "blah99" );
|
|
|
|
|
|
}
|
|
|
|
ImportCertificateDialog::~ImportCertificateDialog()
|
|
{
|
|
delete main;
|
|
}
|
|
|
|
void ImportCertificateDialog::accept()
|
|
{
|
|
|
|
importOk = true;
|
|
done=false;
|
|
error_found=false;
|
|
|
|
filename = main->FilenameUrlrequester->url();
|
|
importpassword = main->ImportPasswordEdit->text();
|
|
certpath = main->RacoonCertificatePathUrlrequester->url();
|
|
|
|
if ( filename.isEmpty() )
|
|
{
|
|
KMessageBox::sorry ( 0, i18n ( "File name cannot be empty!" ), i18n ( "Empty File Name" ) );
|
|
importOk = false;
|
|
importSuccess=false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
|
|
// if ( filename.right( 3 ) != "p12" || filename.right (3) != "der" || filename.right (3) != "crt" ) {
|
|
// KMessageBox::sorry( 0, i18n( "File name isnt ended by \'p12\', 'der' or \'crt\'!" ), i18n( "Wrong File Name" ) );
|
|
// importOk = false;
|
|
// return;
|
|
// }
|
|
|
|
GlobalConfig->appPointer->setOverrideCursor ( TQCursor ( TQt::WaitCursor ) );
|
|
|
|
TQFile f ( filename );
|
|
if ( f.exists() )
|
|
{
|
|
if ( f.open ( IO_ReadOnly ) )
|
|
{
|
|
f.close();
|
|
}
|
|
else
|
|
{
|
|
KMessageBox::sorry ( 0, i18n ( "File does not exist!" ), i18n ( "No File" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: file \"%1\" does not exist." ).arg ( filename ),GlobalConfig->error );
|
|
|
|
importOk = false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
KMessageBox::sorry ( 0, i18n ( "File not readable!" ), i18n ( "Insufficient Rights" ) );
|
|
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: file \"%1\" is not readable." ).arg ( filename ),GlobalConfig->error );
|
|
importOk = false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
{
|
|
certpath="/etc/ipsec.d";
|
|
if ( !TQDir ( certpath ).exists() )
|
|
{
|
|
if ( !TQDir().mkdir ( certpath ) )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( "/etc/ipsec.d" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist and could not be created." ).arg ( "/etc/ipsec.d" ),GlobalConfig->error );
|
|
}
|
|
else
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( "/etc/ipsec.d" ),GlobalConfig->debug );
|
|
if ( !TQDir ( "/etc/ipsec.d/certs" ).exists() )
|
|
{
|
|
if ( !TQDir().mkdir ( "/etc/ipsec.d/certs" ) )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( "/etc/ipsec.d/certs" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist and could not be created." ).arg ( "/etc/ipsec.d/certs" ),GlobalConfig->error );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( "/etc/ipsec.d/certs" ),GlobalConfig->debug );
|
|
if ( !TQDir ( "/etc/ipsec.d/cacerts" ).exists() )
|
|
if ( !TQDir().mkdir ( "/etc/ipsec.d/cacerts" ) )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( "/etc/ipsec.d/cacerts" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist and could not be created." ).arg ( "/etc/ipsec.d/cacerts" ),GlobalConfig->error );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( "/etc/ipsec.d/cacerts" ),GlobalConfig->debug );
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der )
|
|
{
|
|
certpath="/etc/racoon/certs";
|
|
if ( !TQDir ( certpath ).exists() )
|
|
if ( !TQDir().mkdir ( certpath ) )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( certpath ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist." ).arg ( certpath ),GlobalConfig->error );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( certpath ),GlobalConfig->debug );
|
|
}
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
{
|
|
certpath = main->RacoonCertificatePathUrlrequester->url();
|
|
if ( !TQDir ( certpath ).exists() )
|
|
if ( !TQDir().mkdir ( certpath ) )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "\"%1\" could not be created!" ).arg ( certpath ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist." ).arg ( certpath ),GlobalConfig->error );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: directory \"%1\" does not exist but was successful created." ).arg ( certpath ),GlobalConfig->debug );
|
|
}
|
|
}
|
|
|
|
// if ( (main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ||
|
|
// main->ImporttypeComboBox->currentItem() == pkcs12_racoon ||
|
|
// main->ImporttypeComboBox->currentItem() == pkcs12_racoon
|
|
// ) &&
|
|
// importpassword.isEmpty() )
|
|
// {
|
|
// importOk = false;
|
|
// KMessageBox::sorry( 0, i18n( "Password can't be empty!" ), i18n( "Empty Password" ) );
|
|
// return;
|
|
// }
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
{
|
|
|
|
if ( main->UsePrivateKeyPasswordCheckBox->isChecked() && (main->PrivateKeyPasswordEdit->text().isEmpty() || main->PrivateKeyPasswordEdit->text().length() < 4) )
|
|
{
|
|
importOk = false;
|
|
KMessageBox::sorry ( 0, i18n ( "Private key password field can not be empty or less than 4 characters!" ), i18n ( "Password Empty or Too Short" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
|
|
if ( main->UsePrivateKeyPasswordCheckBox->isChecked() && (main->PrivateKeyAgainPasswordEdit->text().isEmpty() || main->PrivateKeyAgainPasswordEdit->text().length() < 4 ))
|
|
{
|
|
importOk = false;
|
|
KMessageBox::sorry ( 0, i18n ( "Private key password (again) field can not be empty!" ), i18n ( "Password Empty or Too Short" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
if ( importOk )
|
|
{
|
|
if ( main->PrivateKeyPasswordEdit->password() != main->PrivateKeyAgainPasswordEdit->password() )
|
|
{
|
|
importOk = false;
|
|
KMessageBox::sorry ( 0, i18n ( "Private key passwords does not match!" ), i18n ( "Passwords Do Not Match" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
privatekeypassword = main->PrivateKeyAgainPasswordEdit->password();
|
|
}
|
|
}
|
|
}
|
|
if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca || main->ImporttypeComboBox->currentItem() == ciscouserca )
|
|
{
|
|
if (main->UsePrivateKeyPasswordCheckBox->isChecked() && ( main->PrivateKeyPasswordEdit->text().isEmpty() || main->PrivateKeyPasswordEdit->text().length() < 4 ))
|
|
{
|
|
importOk = false;
|
|
KMessageBox::sorry ( 0, i18n ( "Certificate password field can not be empty or less than 4 characters!" ), i18n ( "Password Empty or Too Short" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
|
|
if (main->UsePrivateKeyPasswordCheckBox->isChecked() && ( main->PrivateKeyAgainPasswordEdit->text().isEmpty() || main->PrivateKeyAgainPasswordEdit->text().length() < 4 ))
|
|
{
|
|
importOk = false;
|
|
KMessageBox::sorry ( 0, i18n ( "Certificate password (again) field can not be empty!" ), i18n ( "Password Empty or Too Short" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
if ( importOk )
|
|
{
|
|
if ( main->UsePrivateKeyPasswordCheckBox->isChecked() && (main->PrivateKeyPasswordEdit->password() != main->PrivateKeyAgainPasswordEdit->password() ))
|
|
{
|
|
importOk = false;
|
|
KMessageBox::sorry ( 0, i18n ( "Certificate passwords does not match!" ), i18n ( "Passwords Do Not Match" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
if (main->UsePrivateKeyPasswordCheckBox->isChecked() )
|
|
privatekeypassword = main->PrivateKeyAgainPasswordEdit->password();
|
|
}
|
|
}
|
|
}
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
kdDebug() << "file: " << filename << ", type: " << main->ImporttypeComboBox->currentItem() << endl;
|
|
|
|
bool found=true;
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn || main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der )
|
|
{
|
|
// looking for openssl
|
|
|
|
TQString bin="openssl";
|
|
ToolInfo *tool = Utils ( GlobalConfig ).getToolInfo ( "openssl" );
|
|
//std::cout << "Tool (bin): " << bin << std::endl;
|
|
|
|
if ( tool->PathToExec.section ( '/',-1 ) != bin )
|
|
{
|
|
// program is NOT installed
|
|
KMessageBox::error ( this, i18n ( "The required tool (%1) is not installed, please install it first and restart kvpnc." ).arg ( bin ), i18n ( "Tool missing" ) );
|
|
found=false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
|
|
if ( !found )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "Unable to find \"%1\"!" ).arg ( "openssl" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Unable to find \"%1\"!" ).arg ( "openssl" ) ,GlobalConfig->error );
|
|
importOk = false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
|
|
|
|
TQString file = Utils ( this->GlobalConfig ).removeSpecialCharsForFilename ( TQUrl ( filename ).fileName() );
|
|
certName = file.left ( file.length() - 4 ); // peter_pan.p12 -> peter_pan
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
{
|
|
TQString type="";
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon )
|
|
type="racoon";
|
|
else
|
|
type="OpenVPN";
|
|
TQFile certpathtest ( certpath + "/." );
|
|
|
|
if ( !certpathtest.exists() )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "%1 certificate path (%2) does not exist!" ).arg ( type ).arg ( certpath ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "%1 certificate path (%2) does not exist!" ).arg ( type ).arg ( certpath ) ,GlobalConfig->error );
|
|
importOk=false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
TQFile testfile ( TQString ( certpath + "/test" ) );
|
|
if ( !testfile.open ( IO_WriteOnly ) )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "%1 certificate path (%2) is not writeable!" ).arg ( type ).arg ( certpath ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "%1 certificate path (%2) is not writeable!" ).arg ( type ).arg ( certpath ) ,GlobalConfig->error );
|
|
importOk = false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
testfile.remove();
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// here we go
|
|
if ( importOk )
|
|
{
|
|
|
|
/*
|
|
FreeSWAN/Racoon:
|
|
openssl pkcs12 -in cert.p12 -clcerts -out /etc/racoon/certs/mykeys_company.pem -nodes
|
|
|
|
DER:
|
|
openssl x509 -in cert.crt -out ca_company.pem -inform DER
|
|
|
|
*/
|
|
// std::cout << "[std]:" << "settings ok." << std::endl;
|
|
|
|
ImportProcess = new TQProcess ( this );
|
|
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn || main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der )
|
|
{
|
|
ImportProcess->addArgument ( pathToOpenSSL );
|
|
}
|
|
if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca || main->ImporttypeComboBox->currentItem() == ciscouserca )
|
|
{
|
|
ImportProcess->addArgument ( GlobalConfig->pathToCiscoCertMgr );
|
|
}
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ||
|
|
main->ImporttypeComboBox->currentItem() == pkcs12_racoon ||
|
|
main->ImporttypeComboBox->currentItem() == pkcs12_openvpn
|
|
)
|
|
{
|
|
ImportProcess->addArgument ( "pkcs12" );
|
|
ImportProcess->addArgument ( "-in" );
|
|
ImportProcess->addArgument ( filename );
|
|
ImportProcess->addArgument ( "-nodes" );
|
|
ImportProcess->addArgument ( "-clcerts" );
|
|
ImportProcess->addArgument ( "-out" );
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == ca_der )
|
|
{
|
|
|
|
ImportProcess->addArgument ( "x509" );
|
|
ImportProcess->addArgument ( "-in" );
|
|
ImportProcess->addArgument ( filename );
|
|
ImportProcess->addArgument ( "-out" );
|
|
ImportProcess->addArgument ( certpath + "/ca_" + certName + ".pem" );
|
|
ImportProcess->addArgument ( "-inform" );
|
|
ImportProcess->addArgument ( "DER" );
|
|
}
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
{
|
|
ImportProcess->addArgument ( "/etc/ipsec.d/certs/mykeys_" + certName + ".pem" ); // warning: static
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
{
|
|
ImportProcess->addArgument ( certpath + "/mykeys_" + certName + ".pem" );
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca || main->ImporttypeComboBox->currentItem() == ciscouserca )
|
|
{
|
|
if (main->ImporttypeComboBox->currentItem() == cisco)
|
|
ImportProcess->addArgument ( "-U" );
|
|
if (main->ImporttypeComboBox->currentItem() == ciscoca)
|
|
ImportProcess->addArgument ( "-R" );
|
|
if (main->ImporttypeComboBox->currentItem() == ciscouserca)
|
|
{
|
|
ImportProcess->addArgument ( "-U" );
|
|
ImportProcess->addArgument ( "-R" );
|
|
}
|
|
ImportProcess->addArgument ( "-op" );
|
|
ImportProcess->addArgument ( "import" );
|
|
ImportProcess->addArgument ( "-f" );
|
|
ImportProcess->addArgument ( filename );
|
|
|
|
}
|
|
|
|
|
|
connect ( ImportProcess, TQT_SIGNAL ( readyReadStdout() ), this, TQT_SLOT ( readFromStdout_import() ) );
|
|
connect ( ImportProcess, TQT_SIGNAL ( readyReadStderr() ), this, TQT_SLOT ( readFromStderr_import() ) );
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ||
|
|
main->ImporttypeComboBox->currentItem() == pkcs12_racoon ||
|
|
main->ImporttypeComboBox->currentItem() == pkcs12_openvpn
|
|
)
|
|
{
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doCacert() ) );
|
|
}
|
|
if ( main->ImporttypeComboBox->currentItem() == ca_der )
|
|
{
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doCreateHash() ) );
|
|
}
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca)
|
|
{
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( ciscoCertMgrExited() ) );
|
|
}
|
|
|
|
if ( !ImportProcess->start ( env ) )
|
|
{
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn || main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der )
|
|
KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "openssl" ) );
|
|
if ( main->ImporttypeComboBox->currentItem() == cisco )
|
|
KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "cisco_cert_mgr" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
doExit=true;
|
|
|
|
TQString processname = "";
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn || main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == ca_der )
|
|
{
|
|
processname="openssl";
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel >3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2" ).arg("accept()").arg ( i18n ( " import password" ) ),GlobalConfig->debug );
|
|
|
|
if ( main->ImportPasswordEdit->text().isEmpty() )
|
|
ImportProcess->writeToStdin ( "\n" );
|
|
else
|
|
ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" );
|
|
|
|
}
|
|
if ( main->ImporttypeComboBox->currentItem() == cisco )
|
|
processname="cisco_cert_mgr";
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Process (%1) started." ).arg (processname ),GlobalConfig->debug );
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == cisco /*|| main->ImporttypeComboBox->currentItem() == ciscoca*/ )
|
|
{
|
|
ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() +"\n");
|
|
if (main->UsePrivateKeyPasswordCheckBox->isChecked() )
|
|
{
|
|
ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->password() + "\n" );
|
|
ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->password() + "\n" );
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::canAccept()
|
|
{
|
|
if ( importSuccess )
|
|
{
|
|
KMessageBox::information ( 0, i18n ( "Certificate was sucessfully imported." ), i18n ( "Import Successful" ) );
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: certificate was successfully imported." ),GlobalConfig->debug );
|
|
}
|
|
else
|
|
{
|
|
KMessageBox::sorry ( 0, i18n ( "Certificate import failed." ), i18n ( "Import Failed" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: certificate could not be imported." ),GlobalConfig->error );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
{
|
|
TQString bin="ipsec";
|
|
ToolInfo *tool;
|
|
//std::cout << "Tool (bin): " << bin << std::endl;
|
|
if ( !GlobalConfig->ToolList->isEmpty() )
|
|
{
|
|
for ( tool = GlobalConfig->ToolList->first(); tool; tool = GlobalConfig->ToolList->next() )
|
|
{
|
|
if ( bin == tool->Name )
|
|
{
|
|
if ( tool->PathToExec.section ( '/',-1 ) != bin )
|
|
{
|
|
// program is NOT installed
|
|
KMessageBox::information ( this, i18n ( "The required tool (%1) is not installed, please install it before you are connecting and restart kvpnc." ).arg ( bin ), i18n ( "Tool Missing" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon )
|
|
{
|
|
TQString bin="racoon";
|
|
ToolInfo *tool;
|
|
//std::cout << "Tool (bin): " << bin << std::endl;
|
|
if ( !GlobalConfig->ToolList->isEmpty() )
|
|
{
|
|
for ( tool = GlobalConfig->ToolList->first(); tool; tool = GlobalConfig->ToolList->next() )
|
|
{
|
|
if ( bin == tool->Name )
|
|
{
|
|
if ( tool->PathToExec.section ( '/',-1 ) != bin )
|
|
{
|
|
// program is NOT installed
|
|
KMessageBox::information ( this, i18n ( "The required tool (%1) is not installed, please install it before you are connecting and restart kvpnc." ).arg ( bin ), i18n ( "Tool Missing" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
{
|
|
TQString bin="openvpn";
|
|
ToolInfo *tool;
|
|
//std::cout << "Tool (bin): " << bin << std::endl;
|
|
if ( !GlobalConfig->ToolList->isEmpty() )
|
|
{
|
|
for ( tool = GlobalConfig->ToolList->first(); tool; tool = GlobalConfig->ToolList->next() )
|
|
{
|
|
if ( bin == tool->Name )
|
|
{
|
|
if ( tool->PathToExec.section ( '/',-1 ) != bin )
|
|
{
|
|
// program is NOT installed
|
|
KMessageBox::information ( this, i18n ( "The required tool (%1) is not installed, please install it before you are connecting and restart kvpnc." ).arg ( bin ), i18n ( "Tool Missing" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == cisco || main->ImporttypeComboBox->currentItem() == ciscoca || main->ImporttypeComboBox->currentItem() == ciscouserca )
|
|
{
|
|
TQString bin="cisco_cert_mgr";
|
|
ToolInfo *tool;
|
|
//std::cout << "Tool (bin): " << bin << std::endl;
|
|
if ( !GlobalConfig->ToolList->isEmpty() )
|
|
{
|
|
for ( tool = GlobalConfig->ToolList->first(); tool; tool = GlobalConfig->ToolList->next() )
|
|
{
|
|
if ( bin == tool->Name )
|
|
{
|
|
if ( tool->PathToExec.section ( '/',-1 ) != bin )
|
|
{
|
|
// program is NOT installed
|
|
KMessageBox::information ( this, i18n ( "The required tool (%1) is not installed, please install it before you are connecting and restart kvpnc." ).arg ( bin ), i18n ( "Tool Missing" ) );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
|
|
if ( doExit )
|
|
TQDialog::accept();
|
|
}
|
|
|
|
void ImportCertificateDialog::reject()
|
|
{
|
|
importOk=false;
|
|
importSuccess=false;
|
|
TQDialog::reject();
|
|
}
|
|
|
|
void ImportCertificateDialog::doCacert()
|
|
{
|
|
disconnect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doCacert() ) );
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("doCacert()"),GlobalConfig->debug );
|
|
|
|
if ( ImportProcess->normalExit () )
|
|
{
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
{
|
|
Utils ( GlobalConfig,this ).doChmod ( "/etc/ipsec.d/certs/mykeys_" + certName + ".pem","go-rwx" );
|
|
}
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_racoon || main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
{
|
|
Utils ( GlobalConfig,this ).doChmod ( certpath + "/mykeys_" + certName + ".pem","go-rwx" );
|
|
}
|
|
|
|
/*
|
|
openssl pkcs12 -in cert.p12 -nokeys -cacerts -out /etc/racoon/certs/ca_company.pem -nodes
|
|
*/
|
|
ImportProcess->clearArguments();
|
|
ImportProcess->addArgument ( pathToOpenSSL );
|
|
ImportProcess->addArgument ( "pkcs12" );
|
|
ImportProcess->addArgument ( "-in" );
|
|
ImportProcess->addArgument ( filename );
|
|
ImportProcess->addArgument ( "-nokeys" );
|
|
ImportProcess->addArgument ( "-cacerts" );
|
|
ImportProcess->addArgument ( "-out" );
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
{
|
|
ImportProcess->addArgument ( "/etc/ipsec.d/cacerts/ca_" + certName + ".pem" ); // warning: static
|
|
CaCertFullPath="/etc/ipsec.d/cacerts/ca_" + certName + ".pem";
|
|
}
|
|
else
|
|
{
|
|
ImportProcess->addArgument ( certpath + "/ca_" + certName + ".pem" );
|
|
CaCertFullPath=certpath + "/ca_" + certName + ".pem";
|
|
}
|
|
|
|
ImportProcess->addArgument ( "-nodes" );
|
|
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doCreateHash() ) );
|
|
|
|
if ( ! ImportProcess->start ( env ) )
|
|
{
|
|
KMessageBox::error ( this, i18n ( "Unable to extract CA certificate!" ), i18n ( "Extract Failed" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: CA certificate could not be extracted." ),GlobalConfig->error );
|
|
importSuccess=false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2" ).arg("doCacert()").arg ( i18n ( " import password" ) ),GlobalConfig->debug );
|
|
|
|
if ( main->ImportPasswordEdit->text().isEmpty() )
|
|
ImportProcess->writeToStdin ( "\n" );
|
|
else
|
|
ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" );
|
|
|
|
doExit=true;
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: CA certificate successful extracted." ),GlobalConfig->debug );
|
|
}
|
|
}
|
|
else
|
|
{
|
|
importSuccess=false;
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: import process from accept() failed." ),GlobalConfig->error );
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::doPrivateKey()
|
|
{
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( "[dbg]: doPrivateKey()",GlobalConfig->debug );
|
|
disconnect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doPrivateKey() ) );
|
|
|
|
if ( ImportProcess->normalExit () )
|
|
{
|
|
|
|
/*
|
|
openssl pkcs12 -in cert.p12 -nocerts -out /etc/racoon/certs/ca_company.pem
|
|
*/
|
|
ImportProcess->clearArguments();
|
|
ImportProcess->addArgument ( pathToOpenSSL );
|
|
ImportProcess->addArgument ( "pkcs12" );
|
|
ImportProcess->addArgument ( "-nocerts" );
|
|
ImportProcess->addArgument ( "-in" );
|
|
ImportProcess->addArgument ( filename );
|
|
ImportProcess->addArgument ( "-out" );
|
|
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
ImportProcess->addArgument ( certpath+"/private/" + certName + ".pem" ); // warning: static
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
ImportProcess->addArgument ( certpath+"/" + certName + ".pem" ); // warning: static
|
|
|
|
if ( !certpath.isEmpty() )
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
CertFullPath=certpath+"/private/" + certName + ".pem";
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
CertFullPath=certpath+"/" + certName + ".pem";
|
|
|
|
if ( main->UsePrivateKeyPasswordCheckBox->isChecked() )
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( exit() ) );
|
|
else
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( removePrivateKey() ) );
|
|
|
|
//LogOutput->append( "priv key: we starting..." );
|
|
if ( !ImportProcess->start( ) )
|
|
{
|
|
KMessageBox::sorry ( this, i18n ( "Unable to start process (private key)!" ) );
|
|
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: private key could not extracted." ),GlobalConfig->error );
|
|
importSuccess=false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2" ).arg("doPrivateKey()").arg ( i18n ( " import password" ) ),GlobalConfig->debug );
|
|
|
|
// if ( main->ImportPasswordEdit->text().isEmpty() )
|
|
// ImportProcess->writeToStdin ( "\n" );
|
|
// else
|
|
ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" );
|
|
|
|
|
|
if ( main->UsePrivateKeyPasswordCheckBox->isChecked() )
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password" ) ),GlobalConfig->debug );
|
|
|
|
ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->text() + "\n" );
|
|
}
|
|
else
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password dummy" ) ),GlobalConfig->debug );
|
|
|
|
// we need 4 chars here
|
|
ImportProcess->writeToStdin ( "abcd\n" );
|
|
|
|
}
|
|
|
|
if ( main->UsePrivateKeyPasswordCheckBox->isChecked() )
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password" ) ),GlobalConfig->debug );
|
|
|
|
ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->text() + "\n" );
|
|
}
|
|
else
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password dummy" ) ),GlobalConfig->debug );
|
|
|
|
// we need 4 chars here
|
|
ImportProcess->writeToStdin ( "abcd\n" );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
else
|
|
{
|
|
importSuccess=false;
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: import process from doLink() failed." ),GlobalConfig->error );
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::doCreateHash()
|
|
{
|
|
|
|
disconnect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doCreateHash() ) );
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("doCreateHash()"),GlobalConfig->debug );
|
|
|
|
if ( ImportProcess->normalExit () )
|
|
{
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
Utils ( GlobalConfig,this ).doChmod ( certpath+"/cacerts/ca_" + certName + ".pem","go-rwx" );
|
|
else
|
|
Utils ( GlobalConfig,this ).doChmod ( certpath + "/ca_" + certName + ".pem","go-rwx" );
|
|
|
|
/*
|
|
openssl x509 -noout -hash < /etc/racoon/certs/ca_company.pem
|
|
*/
|
|
ImportProcess->clearArguments();
|
|
ImportProcess->addArgument ( pathToOpenSSL );
|
|
ImportProcess->addArgument ( "x509" );
|
|
ImportProcess->addArgument ( "-noout" );
|
|
ImportProcess->addArgument ( "-hash" );
|
|
ImportProcess->addArgument ( "-in" );
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
ImportProcess->addArgument ( certpath+"/cacerts/ca_" + certName + ".pem" ); // warning: static
|
|
else
|
|
ImportProcess->addArgument ( certpath + "/ca_" + certName + ".pem" );
|
|
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doLink() ) );
|
|
|
|
|
|
// LogOutput->append( "hash: we starting..." );
|
|
if ( !ImportProcess->start( ) )
|
|
{
|
|
KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "hash" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: hash could not created." ),GlobalConfig->error );
|
|
importSuccess=false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2" ).arg("doCreateHash()").arg ( i18n ( " import password" ) ),GlobalConfig->debug );
|
|
|
|
if ( main->ImportPasswordEdit->text().isEmpty() )
|
|
ImportProcess->writeToStdin ( "\n" );
|
|
else
|
|
ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" );
|
|
while (ImportProcess->isRunning())
|
|
{
|
|
sleep (1);
|
|
}
|
|
|
|
doExit=true;
|
|
doHash = true;
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: hash successful created." ),GlobalConfig->debug );
|
|
}
|
|
}
|
|
else
|
|
{
|
|
importSuccess=false;
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: import process from doCert() failed." ),GlobalConfig->error );
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::doLink()
|
|
{
|
|
disconnect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doLink() ) );
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("doLink()"),GlobalConfig->debug );
|
|
|
|
if ( ImportProcess->normalExit () )
|
|
{
|
|
|
|
doHash = false;
|
|
ImportProcess->clearArguments();
|
|
/*
|
|
ln -s /etc/racoon/certs/ca_company.pem /etc/racoon/certs/<hash>.0
|
|
*/
|
|
ImportProcess->addArgument ( "ln" );
|
|
ImportProcess->addArgument ( "-sf" );
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
{
|
|
ImportProcess->addArgument ( certpath+"/cacerts/ca_" + certName + ".pem" );
|
|
ImportProcess->addArgument ( certpath+"/cacerts/" + certHash + ".0" );
|
|
}
|
|
else
|
|
{
|
|
ImportProcess->addArgument ( certpath + "/ca_" + certName + ".pem" );
|
|
ImportProcess->addArgument ( certpath +"/"+ certHash + ".0" );
|
|
}
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan ||
|
|
main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( doPrivateKey() ) );
|
|
else
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( exit() ) );
|
|
|
|
|
|
if ( !ImportProcess->start( ) )
|
|
{
|
|
KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "ln -s" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: Link could not created." ),GlobalConfig->error );
|
|
importSuccess=false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
while (ImportProcess->isRunning())
|
|
{
|
|
usleep (500);
|
|
}
|
|
|
|
delete ImportProcess;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: Link creation sucessful." ),GlobalConfig->error );
|
|
ImportProcess =0L;
|
|
exit();
|
|
}
|
|
}
|
|
else
|
|
{
|
|
importSuccess=false;
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: Skipping link creation." ),GlobalConfig->error );
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::exit()
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("exit()"),GlobalConfig->debug );
|
|
|
|
|
|
if ( (ImportProcess != 0L && ImportProcess->normalExit() ) || ImportProcess == 0L )
|
|
{
|
|
doExit=true;
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: Link successful created." ),GlobalConfig->debug );
|
|
|
|
// if ( ImportProcess->normalExit() )
|
|
// importOk=true;
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
Utils ( GlobalConfig,this ).doChmod ( certpath+"/private/" + certName + ".pem","go-rwx" );
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
Utils ( GlobalConfig,this ).doChmod ( certpath+"/" + certName + ".pem","go-rwx" );
|
|
done=true;
|
|
canAccept();
|
|
}
|
|
else
|
|
{
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
importSuccess=false;
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: import process from doPrivateKey() failed." ),GlobalConfig->error );
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::readFromStdout_import()
|
|
{
|
|
|
|
// TQString line = TQString( ImportProcess->readStdout() );
|
|
while ( ImportProcess->canReadLineStdout() )
|
|
{
|
|
TQString line = TQString ( ImportProcess->readLineStdout() );
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import stdout: %1" ).arg ( line ),GlobalConfig->debug );
|
|
if ( doHash )
|
|
{
|
|
certHash = line.left ( line.length() - 1 );
|
|
doHash = false;
|
|
// LogOutput->append( "<font color=\"red\">[std]: hash" + line + "</font>" );
|
|
}
|
|
|
|
if ( line.find ( "Enter Import Password" , 0, FALSE ) > -1 )
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1 was requested, send it..." ).arg ( i18n ( " import password" ) ),GlobalConfig->debug );
|
|
|
|
if ( main->ImportPasswordEdit->text().isEmpty() )
|
|
ImportProcess->writeToStdin ( "\n" );
|
|
else
|
|
ImportProcess->writeToStdin ( main->ImportPasswordEdit->text() + "\n" );
|
|
}
|
|
|
|
else if ( line.find ( "Enter PEM pass phrase" , 0, FALSE ) > -1 )
|
|
{
|
|
|
|
if ( askpasscount < 10 )
|
|
{
|
|
|
|
if ( main->UsePrivateKeyPasswordCheckBox->isChecked() )
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password" ) ),GlobalConfig->debug );
|
|
|
|
ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->text() + "\n" );
|
|
}
|
|
else
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("doPrivateKey").arg ( i18n ( " private key password dummy" ) ),GlobalConfig->debug );
|
|
|
|
// we need 4 chars here
|
|
ImportProcess->writeToStdin ( "abcd\n" );
|
|
|
|
}
|
|
askpasscount+=1;
|
|
}
|
|
else
|
|
{
|
|
// whats happen???
|
|
// doExit=true;
|
|
}
|
|
}
|
|
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == cisco )
|
|
{
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 2 )
|
|
GlobalConfig->appendLogEntry ("[cisco_cert_mgr raw] "+line,GlobalConfig->debug);
|
|
|
|
if ( line.find ( "Password:" , 0, FALSE ) > -1 || line.find ( "Confirm Password:" , 0, FALSE ) > -1 )
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1 was requested, send it..." ).arg ( i18n ( "certificate password" ) ),GlobalConfig->debug );
|
|
ImportProcess->writeToStdin ( main->PrivateKeyPasswordEdit->password() + "\n" );
|
|
|
|
}
|
|
if ( line.find ( "Success: certificate imported from path:", 0, FALSE ) > -1 )
|
|
{
|
|
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import was successful." ) ,GlobalConfig->info );
|
|
importOk=true;
|
|
importSuccess=true;
|
|
doExit=true;
|
|
done=true;
|
|
}
|
|
|
|
}
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::readFromStderr_import()
|
|
{
|
|
// TQString line = TQString ( ImportProcess->readStderr() );
|
|
while ( ImportProcess->canReadLineStderr() )
|
|
{
|
|
TQString line = TQString ( ImportProcess->readLineStderr() );
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
{
|
|
if ( line.find ( "Enter Import Pass", 0, FALSE ) > -1 || line.find ( "Enter PEM pass phrase", 0, FALSE ) > -1 || line.find ( "MAC verified OK", 0, FALSE ) > -1 || line.find ( "Enter pass phrase for", 0, FALSE ) > -1 || line.find ( "writing RSA key", 0, FALSE ) > -1 )
|
|
{
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg ( line ),GlobalConfig->info );
|
|
}
|
|
else
|
|
{
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import stderr: %1" ).arg ( line ),GlobalConfig->error );
|
|
}
|
|
}
|
|
if ( line.find ( "Error",9, FALSE ) > -1 )
|
|
{
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg ( line ),GlobalConfig->error );
|
|
importSuccess=false;
|
|
importOk = false;
|
|
doExit=false;
|
|
// error_found=true;
|
|
}
|
|
|
|
else if ( line.find ( "invalid password" , 0, FALSE ) > -1 || line.find ( "Mac verify error: invalid password?", 0, FALSE ) > -1 )
|
|
{
|
|
if (error_found==false)
|
|
KMessageBox::sorry ( this , i18n ( "Wrong password." ), i18n ( "Password Failed" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: password was invalid" ),GlobalConfig->error );
|
|
importSuccess=false;
|
|
importOk = false;
|
|
doExit=false;
|
|
error_found=true;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
}
|
|
|
|
else if ( line.find ( "unable to load certificate", 0, FALSE ) > -1 )
|
|
{
|
|
if (error_found==false)
|
|
KMessageBox::error ( this, i18n ( "Unable to load certificate!" ), i18n ( "Load Failed" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Unable to load certificate!" ) ,GlobalConfig->error );
|
|
importOk=false;
|
|
importSuccess=false;
|
|
doExit=false;
|
|
error_found=true;
|
|
// if ( ImportProcess != 0L && ImportProcess->isRunning() )
|
|
// {
|
|
// disconnect ( ImportProcess, TQT_SIGNAL ( readyReadStdout() ), this, TQT_SLOT ( readFromStdout_import() ) );
|
|
// disconnect ( ImportProcess, TQT_SIGNAL ( readyReadStderr() ), this, TQT_SLOT ( readFromStderr_import() ) );
|
|
// ImportProcess->kill();
|
|
// ImportProcess = 0L;
|
|
// }
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
done=true;
|
|
return;
|
|
}
|
|
else if ( line.find ( "unable to load Private Key", 0, FALSE ) > -1 )
|
|
{
|
|
if (error_found==false)
|
|
KMessageBox::error ( this, i18n ( "unable to load Private Key!" ), i18n ( "Load Failed" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "unable to load Private Key!" ) ,GlobalConfig->error );
|
|
importOk=false;
|
|
importSuccess=false;
|
|
doExit=false;
|
|
error_found=true;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
if ( ImportProcess->isRunning() )
|
|
{
|
|
ImportProcess->kill();
|
|
}
|
|
done=true;
|
|
}
|
|
|
|
else if ( line.find ( "Error opening output file", 0, FALSE ) > -1 )
|
|
{
|
|
if (error_found==false)
|
|
KMessageBox::error ( this, i18n ( "Error opening output file." ), i18n ( "File open failed" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Error opening output file!" ) ,GlobalConfig->error );
|
|
importOk=false;
|
|
importSuccess=false;
|
|
doExit=true;
|
|
error_found=true;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
done=true;
|
|
}
|
|
else if ( line.find ( "Verify failure", 0, FALSE ) > -1 )
|
|
{
|
|
if (error_found==false)
|
|
KMessageBox::error ( this, i18n ( "Verify failure at private key password." ), i18n ( "Verify failure" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Verify failure at private key password." ) ,GlobalConfig->error );
|
|
importOk=false;
|
|
importSuccess=false;
|
|
doExit=true;
|
|
error_found=true;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
done=true;
|
|
}
|
|
|
|
else if ( line.find ( "MAC verified OK", 0, FALSE ) > -1 )
|
|
{
|
|
GlobalConfig->appendLogEntry ( i18n ( "Import password was ok." ) ,GlobalConfig->debug );
|
|
importSuccess=true;
|
|
}
|
|
|
|
else if ( main->ImporttypeComboBox->currentItem() == cisco )
|
|
{
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 2 )
|
|
GlobalConfig->appendLogEntry ("[cisco_cert_mgr raw err] "+line,GlobalConfig->debug);
|
|
|
|
if ( line.find ( "error: unable to import certificate from path:", 0, FALSE ) > -1 )
|
|
{
|
|
if (error_found==false)
|
|
KMessageBox::error ( this, i18n ( "Unable to load certificate!" ), i18n ( "Load Failed" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Unable to load certificate!" ) ,GlobalConfig->error );
|
|
importOk=false;
|
|
importSuccess=false;
|
|
doExit=false;
|
|
error_found=true;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
if ( ImportProcess->isRunning() )
|
|
{
|
|
ImportProcess->kill();
|
|
}
|
|
done=true;
|
|
}
|
|
|
|
else if ( line.find ( "Success: certificate imported from path:", 0, FALSE ) > -1 )
|
|
{
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate imported from path." ) ,GlobalConfig->error );
|
|
importOk=true;
|
|
importSuccess=true;
|
|
doExit=false;
|
|
done=true;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::typeToggeled ( int type )
|
|
{
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( TQString ( "type: "+TQString().setNum ( type ) ),GlobalConfig->debug );
|
|
if ( type == pkcs12_freeswan )
|
|
{
|
|
certpath = "/etc/ipsec.d/certs";
|
|
// main->PrivateKeyPasswordEdit->setEnabled ( true );
|
|
// main->PrivateKeyAgainPasswordEdit->setEnabled ( true );
|
|
main->RacoonCertificatePathUrlrequester->setEnabled ( false );
|
|
main->ImportPasswordEdit->setEnabled ( true );
|
|
main->P12GroupBox->setEnabled ( true );
|
|
// main->PrivateKeyPassGroupBox->setEnabled ( true );
|
|
main->FilenameUrlrequester->setFilter ( "*.p12" );
|
|
}
|
|
else if ( type == pkcs12_racoon )
|
|
{
|
|
certpath = "/etc/racoon/certs/";
|
|
// main->PrivateKeyPasswordEdit->setEnabled ( false );
|
|
// main->PrivateKeyAgainPasswordEdit->setEnabled ( false );
|
|
main->RacoonCertificatePathUrlrequester->setEnabled ( true );
|
|
main->ImportPasswordEdit->setEnabled ( true );
|
|
main->P12GroupBox->setEnabled ( true );
|
|
// main->PrivateKeyPassGroupBox->setEnabled ( false );
|
|
main->FilenameUrlrequester->setFilter ( "*.p12" );
|
|
}
|
|
else if ( type == ca_der )
|
|
{
|
|
certpath = "/etc/certs/";
|
|
// main->PrivateKeyPasswordEdit->setEnabled ( false );
|
|
// main->PrivateKeyAgainPasswordEdit->setEnabled ( false );
|
|
main->RacoonCertificatePathUrlrequester->setEnabled ( true );
|
|
main->ImportPasswordEdit->setEnabled ( false );
|
|
main->P12GroupBox->setEnabled ( false );
|
|
// main->PrivateKeyPassGroupBox->setEnabled ( false );
|
|
main->FilenameUrlrequester->setFilter ( "*.der *.crt" );
|
|
}
|
|
else if ( type == pkcs12_openvpn )
|
|
{
|
|
certpath = "/etc/openvpn";
|
|
main->PrivateKeyPasswordEdit->setEnabled ( true );
|
|
main->PrivateKeyAgainPasswordEdit->setEnabled ( true );
|
|
main->RacoonCertificatePathUrlrequester->setEnabled ( true );
|
|
main->RacoonCertificatePathUrlrequester->setURL( certpath );
|
|
main->ImportPasswordEdit->setEnabled ( true );
|
|
main->P12GroupBox->setEnabled ( true );
|
|
main->PrivateKeyPassGroupBox->setEnabled ( true );
|
|
main->FilenameUrlrequester->setFilter ( "*.p12" );
|
|
}
|
|
else if ( type == cisco )
|
|
{
|
|
main->P12GroupBox->setTitle ( i18n ( "Import" ) );
|
|
main->CertPathTextLabel->hide();
|
|
main->RacoonCertificatePathUrlrequester->hide();
|
|
main->PrivateKeyPassGroupBox->setTitle ( i18n ( "Certificate protection" ) );
|
|
main->PrivateKeyPassTextLabel->setText(i18n ("Certificate password:"));
|
|
main->PrivateKeyPassAgainTextLabel->setText(i18n ("Certificate password again:"));
|
|
main->FilenameUrlrequester->setFilter ( "*" );
|
|
}
|
|
|
|
else
|
|
{
|
|
main->P12GroupBox->setTitle ( i18n ( "P12" ) );
|
|
main->CertPathTextLabel->hide();
|
|
main->RacoonCertificatePathUrlrequester->hide();
|
|
main->PrivateKeyPassGroupBox->setTitle ( i18n ( "FreeS/WAN (Openswan)" ) );
|
|
main->PrivateKeyPassTextLabel->setText(i18n ("Private key passphrase:"));
|
|
main->PrivateKeyPassAgainTextLabel->setText(i18n ("Passphrase again:"));
|
|
main->FilenameUrlrequester->setFilter ( "*" );
|
|
}
|
|
|
|
main->RacoonCertificatePathUrlrequester->setURL ( certpath );
|
|
}
|
|
|
|
void ImportCertificateDialog::ciscoCertMgrExited()
|
|
{
|
|
doExit=true;
|
|
importOk=true;
|
|
importSuccess=true;
|
|
done=true;
|
|
if ( GlobalConfig->KvpncDebugLevel > 0 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: certificate successful imported." ),GlobalConfig->debug );
|
|
canAccept();
|
|
}
|
|
|
|
void ImportCertificateDialog::usePrivateKeyPassToggled(bool)
|
|
{
|
|
if (main->UsePrivateKeyPasswordCheckBox->isChecked())
|
|
{
|
|
main->PrivateKeyPassGroupBox->setEnabled(true);
|
|
}
|
|
else
|
|
{
|
|
main->PrivateKeyPassGroupBox->setEnabled(false);
|
|
}
|
|
}
|
|
|
|
void ImportCertificateDialog::removePrivateKey()
|
|
{
|
|
disconnect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( removePrivateKey() ) );
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1" ).arg("removePrivateKey()"),GlobalConfig->debug );
|
|
|
|
if ( ImportProcess->normalExit () )
|
|
{
|
|
ImportProcess->clearArguments();
|
|
ImportProcess->addArgument ( pathToOpenSSL );
|
|
ImportProcess->addArgument ( "rsa" );
|
|
ImportProcess->addArgument ( "-in" );
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
ImportProcess->addArgument ( certpath+"/private/" + certName + ".pem" ); // warning: static
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
ImportProcess->addArgument ( certpath+"/" + certName + ".pem" ); // warning: static
|
|
|
|
ImportProcess->addArgument ( "-out" );
|
|
|
|
if ( main->ImporttypeComboBox->currentItem() == pkcs12_freeswan )
|
|
ImportProcess->addArgument ( certpath+"/private/" + certName + ".pem" ); // warning: static
|
|
else if ( main->ImporttypeComboBox->currentItem() == pkcs12_openvpn )
|
|
ImportProcess->addArgument ( certpath+"/" + certName + ".pem" ); // warning: static
|
|
|
|
connect ( ImportProcess, TQT_SIGNAL ( processExited () ), this, TQT_SLOT ( exit() ) );
|
|
|
|
|
|
if ( !ImportProcess->start( ) )
|
|
{
|
|
KMessageBox::sorry ( this, i18n ( "Unable to start process (%1)!" ).arg ( "ln -s" ) );
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: passphrase could not removed." ),GlobalConfig->error );
|
|
importSuccess=false;
|
|
GlobalConfig->appPointer->restoreOverrideCursor();
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
|
|
if ( GlobalConfig->KvpncDebugLevel > 3 )
|
|
GlobalConfig->appendLogEntry ( i18n ( "Certificate import: %1: send %2..." ).arg("removePrivateKey()").arg ( i18n ( " private key password dummy" ) ),GlobalConfig->debug );
|
|
|
|
// we need 4 chars here
|
|
ImportProcess->writeToStdin ( "abcd\n" );
|
|
}
|
|
}
|
|
else
|
|
{
|
|
importSuccess=false;
|
|
}
|
|
}
|
|
|
|
#include "importcertificatedialog.moc"
|