From e08b62df404a09045f51df0324e96335f9725c8f Mon Sep 17 00:00:00 2001 From: Mykola Baibuz Date: Tue, 20 Aug 2024 22:46:51 +0300 Subject: [PATCH] Fix work wth PKCS12 TempFile --- .../protocols/ikev2_vpn_protocol_windows.cpp | 82 ++++++++++--------- 1 file changed, 42 insertions(+), 40 deletions(-) diff --git a/client/protocols/ikev2_vpn_protocol_windows.cpp b/client/protocols/ikev2_vpn_protocol_windows.cpp index ac5966cb..e2e4ca90 100644 --- a/client/protocols/ikev2_vpn_protocol_windows.cpp +++ b/client/protocols/ikev2_vpn_protocol_windows.cpp @@ -180,11 +180,13 @@ ErrorCode Ikev2Protocol::start() QByteArray cert = QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()); setConnectionState(Vpn::ConnectionState::Connecting); - QTemporaryFile certFile; - certFile.setAutoRemove(false); - certFile.open(); - certFile.write(cert); - certFile.close(); + QTemporaryFile * certFile = new QTemporaryFile; + certFile->setAutoRemove(false); + certFile->open(); + QString m_filename = certFile->fileName(); + certFile->write(cert); + certFile->close(); + delete certFile; { auto certInstallProcess = IpcClient::CreatePrivilegedProcess(); @@ -201,12 +203,12 @@ ErrorCode Ikev2Protocol::start() return ErrorCode::AmneziaServiceConnectionFailed; } certInstallProcess->setProgram(PermittedProcess::CertUtil); - QString password = QString("-p %1").arg(m_config[config_key::password].toString()); - QStringList arguments({"-f", "-importpfx", password, - QDir::toNativeSeparators(certFile.fileName()), "NoExport" - }); - certInstallProcess->setArguments(arguments); + QStringList arguments({"-f", "-importpfx", "-p", m_config[config_key::password].toString(), + QDir::toNativeSeparators(m_filename), "NoExport" + }); + + certInstallProcess->setArguments(arguments); certInstallProcess->start(); } // /* @@ -220,40 +222,40 @@ ErrorCode Ikev2Protocol::start() } { - { - if ( !create_new_vpn(tunnelName(), m_config[config_key::hostName].toString())){ - qDebug() <<"Can't create the VPN connect"; - } - } - } + { + if ( !create_new_vpn(tunnelName(), m_config[config_key::hostName].toString())){ + qDebug() <<"Can't create the VPN connect"; +} +} +} - { - QProcess adapterConfigProcess; - adapterConfigProcess.setProgram("powershell"); - QString arguments = QString("-command \"Set-VpnConnectionIPsecConfiguration\" " - "-ConnectionName '%1' " - "-AuthenticationTransformConstants GCMAES128 " - "-CipherTransformConstants GCMAES128 " - "-EncryptionMethod AES256 " - "-IntegrityCheckMethod SHA256 " - "-PfsGroup None " - "-DHGroup Group14 " - "-PassThru -Force\"") - .arg(tunnelName()); +{ + QProcess adapterConfigProcess; + adapterConfigProcess.setProgram("powershell"); + QString arguments = QString("-command \"Set-VpnConnectionIPsecConfiguration\" " + "-ConnectionName '%1' " + "-AuthenticationTransformConstants GCMAES128 " + "-CipherTransformConstants GCMAES128 " + "-EncryptionMethod AES256 " + "-IntegrityCheckMethod SHA256 " + "-PfsGroup None " + "-DHGroup Group14 " + "-PassThru -Force\"") + .arg(tunnelName()); - adapterConfigProcess.setNativeArguments(arguments); + adapterConfigProcess.setNativeArguments(arguments); - adapterConfigProcess.start(); - adapterConfigProcess.waitForFinished(5000); + adapterConfigProcess.start(); + adapterConfigProcess.waitForFinished(5000); +} +//*/ +{ + if (!connect_to_vpn(tunnelName())) { + qDebug()<<"We can't connect to VPN"; } - //*/ - { - if (!connect_to_vpn(tunnelName())) { - qDebug()<<"We can't connect to VPN"; - } - } - //setConnectionState(Connecting); - return ErrorCode::NoError; +} +//setConnectionState(Connecting); +return ErrorCode::NoError; } //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bool Ikev2Protocol::create_new_vpn(const QString & vpn_name,