📄 vpnconfig.cpp
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_authType;
if(RegSetValueEx(hKey,
"AuthType",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// AuthValue
valueSize=actSession.m_authValue.GetLength()+1;
valueType=REG_MULTI_SZ;
value=new char[valueSize];
strcpy(value,actSession.m_authValue);
for(DWORD j=0; j<valueSize; j++)
{
if(value[j]=='\n')
value[j]='\0';
}
if(RegSetValueEx(hKey,
"AuthValue",
NULL,
valueType,
(LPBYTE)value,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// IpsecMode
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_ipsecMode;
if(RegSetValueEx(hKey,
"IpsecMode",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// IpsecEncryption
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_ipsecEncryption;
if(RegSetValueEx(hKey,
"IpsecEncryption",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// IpsecAuth
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_ipsecAuth;
if(RegSetValueEx(hKey,
"IpsecAuth",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// IpsecPFS
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_ipsecPFS;
if(RegSetValueEx(hKey,
"IpsecPFS",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// IpsecRekeyData
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_ipsecRekeyData;
if(RegSetValueEx(hKey,
"IpsecRekeyData",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// IpsecRekeyTime
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_ipsecRekeyTime;
if(RegSetValueEx(hKey,
"IpsecRekeyTime",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// RAS
valueSize=actSession.m_ras.GetLength()+1;
valueType=REG_SZ;
if(RegSetValueEx(hKey,
"RAS",
NULL,
valueType,
(LPBYTE)(LPCSTR)actSession.m_ras,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// L2TP
valueSize=actSession.m_l2tp.GetLength()+1;
valueType=REG_SZ;
if(RegSetValueEx(hKey,
"L2TP",
NULL,
valueType,
(LPBYTE)(LPCSTR)actSession.m_l2tp,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// BlockNonIPSec
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_blockNonIPSec;
if(RegSetValueEx(hKey,
"BlockNonIPSec",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
// AllowLocalTraffic
valueType=REG_DWORD;
valueSize=sizeof(intValue);
intValue=actSession.m_allowLocalTraffic;
if(RegSetValueEx(hKey,
"AllowLocalTraffic",
NULL,
valueType,
(LPBYTE)&intValue,
valueSize)!=ERROR_SUCCESS)
{
return 1;
}
RegCloseKey(hKey);
}
}
do
{
key.Format("SOFTWARE\\Evidian\\VPNDialer\\Session%i",i);
// get Last Date from Registry
regRetVal=RegOpenKeyEx(HKEY_LOCAL_MACHINE,
key,
0,
KEY_QUERY_VALUE,
&hKey);
RegCloseKey(hKey);
if(regRetVal==ERROR_SUCCESS)
{
RegDeleteKey(HKEY_LOCAL_MACHINE, key);
}
// Try next Session
i++;
} while (regRetVal==ERROR_SUCCESS);
return 0;
}
/*
 * Returns the name of the IPSec policy command-line tool for the running OS:
 * "ipsecpol" when GetOSVersion() reports OS_WIN2K, "ipseccmd" for OS_WINXP,
 * and an empty string for every other value.
 *
 * The result is a bare executable name without a directory. ActivateIPSec in
 * this file formats it as the first token of the command lines it passes to
 * ExecuteCmd, and the part of ActivateIPSec visible here does not test for
 * the empty result.
 * NOTE(review): how ExecuteCmd locates the binary is not visible here -
 * confirm it resolves to the intended system tool and does not depend on the
 * current directory or search path.
 */
CString CVPNConfig::GetIPSecTool()
{
    CString toolName;   // stays empty for OS versions without a known tool

    switch(GetOSVersion())
    {
    case OS_WIN2K:
        toolName = "ipsecpol";
        break;
    case OS_WINXP:
        toolName = "ipseccmd";
        break;
    default:
        break;
    }
    return toolName;
}
int CVPNConfig::ActivateIPSec(int actConfig, const CString& myIP, CString& log)
{
CString ipsectool=GetIPSecTool();
CString tmp, tmp2, tmp3;
CString tunnel, myNet, myTunIP, partnerNet, authMode, reKey;
CArray<CString,CString> myIPs, myNetmasks;
int res;
int pos1,pos2;
/*
* First remove old Session
*/
RemoveIPSec();
/*
* Create Tunnels
*/
// if myIP is empty just use a lan-one
if(myIP=="")
{
GetLanIPs(myIPs,myNetmasks);
if(myIPs.GetSize()>1)
{
// Select Interface to use for Tunnel
CSelectInterfaceDialog dlg;
dlg.m_interfaces=&myIPs;
dlg.DoModal();
myNet.Format("%s/255.255.255.255",myIPs[dlg.m_selectedInterface]);
myTunIP=myIPs[dlg.m_selectedInterface];
}
else
{
myNet.Format("%s/255.255.255.255",myIPs[0]);
myTunIP=myIPs[0];
}
}
else
{
myNet.Format("%s/255.255.255.255",myIP);
myTunIP=myIP;
}
if(m_vpnSessions[actConfig].m_network=="0.0.0.0")
partnerNet="*";
else
partnerNet.Format("%s/%s",m_vpnSessions[actConfig].m_network,m_vpnSessions[actConfig].m_netmask);
switch(m_vpnSessions[actConfig].m_ipsecAuth)
{
case VPN_IPSECAUTH_NONE:
authMode = "none";
break;
case VPN_IPSECAUTH_MD5:
authMode = "MD5";
break;
case VPN_IPSECAUTH_SHA:
authMode = "SHA";
break;
default:
AfxMessageBox("Wrong Auth-Method for IPSEC",MB_OK|MB_ICONERROR);
}
reKey.Format("%iS/%iK",m_vpnSessions[actConfig].m_ipsecRekeyTime,m_vpnSessions[actConfig].m_ipsecRekeyData);
tmp2=m_vpnSessions[actConfig].m_name;
tmp2.Replace(" ","-");
tunnel.Format("%s -w REG -p VPNDialer -r Host-%s -t %s ",ipsectool,tmp2,m_vpnSessions[actConfig].m_gateway);
tmp.Format("-f %s=%s -n ESP[%s,3DES]%s",myNet,partnerNet,authMode,reKey);
tunnel+=tmp;
if(m_vpnSessions[actConfig].m_ipsecPFS)
tunnel+="PFS";
if(m_vpnSessions[actConfig].m_authType==VPN_AUTH_CERTIFICATE)
{
tmp=" -a";
pos1=0;
do
{
pos2=m_vpnSessions[actConfig].m_authValue.Find("\n",pos1);
tmp2=m_vpnSessions[actConfig].m_authValue.Mid(pos1,pos2-pos1);
if(tmp2.GetLength()==0)
{
tmp2=m_vpnSessions[actConfig].m_authValue.Right(m_vpnSessions[actConfig].m_authValue.GetLength()-pos1);
}
if(tmp2.GetLength()>0)
{
tmp3.Format(" CERT:\"%s\"",tmp2);
tmp+=tmp3;
}
pos1=pos2+1;
}
while(pos2>0);
}
else
tmp.Format(" -a PRESHARE:\"%s\"",m_vpnSessions[actConfig].m_authValue);
tunnel+=tmp;
if(m_vpnSessions[actConfig].m_ras!="")
tunnel+=" -dialup";
else
tunnel+=" -lan";
if(m_vpnSessions[actConfig].m_ipsecPFS)
tunnel+=" -1p";
#ifdef _DEBUG
tmp.Format("Command 1: %s\r\n",tunnel);
log+=tmp;
AfxMessageBox(tmp);
#endif
res = CVPNConfig::ExecuteCmd(tunnel,tmp);
if (res!=0)
{
tmp.Format("Fehler bei Command: %s\r\n",tunnel);
log+=tmp;
AfxMessageBox(tmp,MB_OK|MB_ICONERROR);
return -1;
}
tmp2=m_vpnSessions[actConfig].m_name;
tmp2.Replace(" ","-");
tunnel.Format("%s -w REG -p VPNDialer -r %s-Host -t %s ",ipsectool,tmp2,myTunIP);
tmp.Format("-f %s=%s -n ESP[%s,3DES]%s",partnerNet,myNet,authMode,reKey);
tunnel+=tmp;
if(m_vpnSessions[actConfig].m_ipsecPFS)
tunnel+="PFS";
if(m_vpnSessions[actConfig].m_authType==VPN_AUTH_CERTIFICATE)
{
tmp=" -a";
pos1=0;
do
{
pos2=m_vpnSessions[actConfig].m_authValue.Find("\n",pos1);
tmp2=m_vpnSessions[actConfig].m_authValue.Mid(pos1,pos2-pos1);
if(tmp2.GetLength()==0)
{
tmp2=m_vpnSessions[actConfig].m_authValue.Right(m_vpnSessions[actConfig].m_authValue.GetLength()-pos1);
}
if(tmp2.GetLength()>0)
{
tmp3.Format(" CERT:\"%s\"",tmp2);
tmp+=tmp3;
}
pos1=pos2+1;
}
while(pos2>0);
}
else
tmp.Format(" -a PRESHARE:\"%s\"",m_vpnSessions[actConfig].m_authValue);
tunnel+=tmp;
if(m_vpnSessions[actConfig].m_ras!="")
tunnel+=" -dialup";
else
tunnel+=" -lan";
if(m_vpnSessions[actConfig].m_ipsecPFS)
tunnel+=" -1p";
#ifdef _DEBUG
tmp.Format("Command 2: %s\r\n",tunnel);
log+=tmp;
AfxMessageBox(tmp);
#endif
res = CVPNConfig::ExecuteCmd(tunnel,tmp);
if (res!=0)
{
tmp.Format("Fehler bei Command: %s\r\n",tunnel);
log+=tmp;
AfxMessageBox(tmp,MB_OK|MB_ICONERROR);
return -1;
}
/*
* Block Traffic
*/
if(m_vpnSessions[actConfig].m_blockNonIPSec)
{
// Allow local Traffic
if(m_vpnSessions[actConfig].m_allowLocalTraffic)
{
for(int i=0;i<myIPs.GetSize();i++)
{
tmp.Format("%s -w REG -p VPNDialer -r \"Allow local Traffic for %s\" -f %s+%s/%s -n PASS ",
ipsectool,myIPs[i],myIPs[i],GetNetwork(myIPs[i],myNetmasks[i]),myNetmasks[i]);
#ifdef _DEBUG
tmp2.Format("Command : %s\r\n",tmp);
log+=tmp2;
AfxMessageBox(tmp2);
#endif
res = CVPNConfig::ExecuteCmd(tmp,tmp2);
if (res!=0)
{
tmp3.Format("Fehler bei Command: %s\r\n%s\r\n",tmp,tmp2);
log+=tmp3;
AfxMessageBox(tmp3,MB_OK|MB_ICONERROR);
return -1;
}
}
}
// BLOCK the rest
tmp.Format("%s -w REG -p VPNDialer -r \"Block non-IPSec\" -f *+0 -n BLOCK ",ipsectool);
#ifdef _DEBUG
tmp2.Format("Command : %s\r\n",tmp);
log+=tmp2;
AfxMessageBox(tmp2);
#endif
res = CVPNConfig::ExecuteCmd(tmp,tmp2);
if (res!=0)
{
tmp3.Format("Fehler bei Command: %s\r\n%s\r\n",tmp,tmp2);
log+=tmp3;