EapHost: Disambiguate from native EAP methods

When eap::config_method_eaphost::get_method_id() returns EAP-MSCHAPv2,
XML-to-BLOB gets confused and picks native EAP-MSCHAPv2 implementation.
Therefore, it was updated to always return unknown EAP type. Outer
method does not need to know the exact method implemented by EapHost
inner method.

Signed-off-by: Simon Rozman <simon@rozman.si>

lib/TTLS/src/Config.cpp

@@ -171,7 +171,11 @@ void eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
     DWORD dwMethod;
     bstr bstrMethod;
     if (SUCCEEDED(eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:EAPMethod"), dwMethod)) &&
-        eap_type_t::start <= (eap_type_t)dwMethod && (eap_type_t)dwMethod < eap_type_t::end)
+        (eap_type_t::start <= (eap_type_t)dwMethod && (eap_type_t)dwMethod < eap_type_t::end
+#if EAP_INNER_EAPHOST
+        || (eap_type_t)dwMethod == eap_type_t::undefined
+#endif
+        ))
     {
         m_inner.reset(make_config_method((eap_type_t)dwMethod));
         m_module.log_config((xpath + L"/EAPMethod").c_str(), m_inner->get_method_str());
@@ -241,10 +245,9 @@ eap::config_method* eap::config_method_ttls::make_config_method(_In_ winstd::eap
     case eap_type_t::mschapv2       : return new config_method_eapmschapv2(m_module, m_level + 1);
     case eap_type_t::gtc            : return new config_method_eapgtc     (m_module, m_level + 1);
 #if EAP_INNER_EAPHOST
-    default                         : return new config_method_eaphost    (m_module, m_level + 1); // EapHost peer method handles all other method types
-#else
-    default                         : throw invalid_argument(string_printf(__FUNCTION__ " Unsupported inner authentication method (%d).", eap_type));
+    case eap_type_t::undefined      : return new config_method_eaphost    (m_module, m_level + 1);
 #endif
+    default                         : throw invalid_argument(string_printf(__FUNCTION__ " Unsupported inner authentication method (%d).", eap_type));
     }
 }
 

lib/TTLS/src/Module.cpp

@@ -252,9 +252,14 @@ EAP_SESSION_HANDLE eap::peer_ttls::begin_session(
     auto cred_inner        = dynamic_cast<credentials_ttls*>(s->m_cred.m_cred.get())->m_inner.get();
 #if EAP_INNER_EAPHOST
     auto cfg_inner_eaphost = dynamic_cast<config_method_eaphost*>(cfg_inner);
-    if (!cfg_inner_eaphost)
+    if (cfg_inner_eaphost) {
+        // EapHost inner method
+        meth_inner.reset(
+            new method_eapmsg (*this, cred_inner->get_identity().c_str(),
+            new method_eaphost(*this, *cfg_inner_eaphost, dynamic_cast<credentials_eaphost&>(*cred_inner))));
+    } else
 #endif
-    {
+    if (cfg_inner) {
         // Native inner methods
         switch (cfg_inner->get_method_id()) {
         case eap_type_t::legacy_pap     : meth_inner.reset(new method_pap_diameter     (*this, dynamic_cast<config_method_pap     &>(*cfg_inner), dynamic_cast<credentials_pass&>(*cred_inner))); break;
@@ -270,14 +275,6 @@ EAP_SESSION_HANDLE eap::peer_ttls::begin_session(
         default: throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
         }
     }
-#if EAP_INNER_EAPHOST
-    else {
-        // EapHost inner method
-        meth_inner.reset(
-            new method_eapmsg (*this, cred_inner->get_identity().c_str(),
-            new method_eaphost(*this, *cfg_inner_eaphost, dynamic_cast<credentials_eaphost&>(*cred_inner))));
-    }
-#endif
     s->m_method.reset(
         new method_eap   (*this, eap_type_t::ttls, *s->m_cred.m_cred,
         new method_defrag(*this, 0, /* Schannel supports retrieving keying material for EAP-TTLSv0 only. */