Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Backport EAPSup code changes

Browse Source 
This introduces some PEAP/EAP-TTLS split code, but helps maintain shared
code base.

Signed-off-by: Simon Rozman <simon@rozman.si>
This commit is contained in:
Simon Rozman
2021-11-22 14:40:28 +01:00
parent 1994da974a
commit 12ef3059e9
4 changed files with 271 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
lib/TTLS_UI/src/Module.cpp
View File

@@ -25,21 +25,20 @@ using namespace winstd;
//////////////////////////////////////////////////////////////////////
// eap::peer_ttls_ui
// eap::peer_peap_ui
//////////////////////////////////////////////////////////////////////
eap::peer_ttls_ui::peer_ttls_ui() : peer_ui(eap_type_t::ttls, _T("EAP-TTLS_UI"))
eap::peer_peap_ui::peer_peap_ui() : peer_ui(eap_type_t::peap, _T("PEAP_UI"))
{
}
eap::config_method* eap::peer_ttls_ui::make_config()
eap::peer_peap_ui::peer_peap_ui(_In_ eap_type_t eap_method, _In_opt_ LPCTSTR domain) : peer_ui(eap_method, domain)
{
return new config_method_ttls(*this, 0);
}
void eap::peer_ttls_ui::invoke_config_ui(
void eap::peer_peap_ui::invoke_config_ui(
_In_ HWND hwndParent,
_In_count_(dwConnectionDataInSize) const BYTE *pConnectionDataIn,
_In_ DWORD dwConnectionDataInSize,
@@ -59,7 +58,7 @@ void eap::peer_ttls_ui::invoke_config_ui(
wxInitializerPeer init(m_instance, m_domain, hwndParent);
// Create and launch configuration dialog.
wxEAPConfigDialog<wxTTLSConfigWindow> dlg(cfg, init.m_parent);
wxEAPConfigDialog<wxPEAPConfigWindow> dlg(cfg, init.m_parent);
if (!init.m_parent) {
FLASHWINFO fwi = { sizeof(FLASHWINFO), dlg.GetHWND(), FLASHW_ALL | FLASHW_TIMERNOFG };
::FlashWindowEx(&fwi);
@@ -72,7 +71,7 @@ void eap::peer_ttls_ui::invoke_config_ui(
}
void eap::peer_ttls_ui::invoke_identity_ui(
void eap::peer_peap_ui::invoke_identity_ui(
_In_ HWND hwndParent,
_In_ DWORD dwFlags,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
@@ -260,27 +259,7 @@ void eap::peer_ttls_ui::invoke_identity_ui(
wxUICanceller lock(hWndCurrent, dlg.GetHWND());
if (eap::config_method::status_t::cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < eap::config_method::status_t::cred_end)
dlg.AddContent(new wxEAPCredentialWarningPanel(*cfg_prov, cfg_method->m_inner->m_last_status, &dlg));
wxEAPCredentialsPanelBase *panel = NULL;
switch (cfg_method->m_inner->get_method_id()) {
case eap_type_t::legacy_pap : panel = new wxPAPCredentialsPanel (*cfg_prov, *dynamic_cast<const eap::config_method_pap *>(cfg_method->m_inner.get()), *dynamic_cast<eap::credentials_pass *>(cred->m_inner.get()), &dlg, false); break;
case eap_type_t::legacy_mschapv2: panel = new wxMSCHAPv2CredentialsPanel(*cfg_prov, *dynamic_cast<const eap::config_method_mschapv2 *>(cfg_method->m_inner.get()), *dynamic_cast<eap::credentials_pass *>(cred->m_inner.get()), &dlg, false); break;
case eap_type_t::mschapv2 : panel = new wxMSCHAPv2CredentialsPanel(*cfg_prov, *dynamic_cast<const eap::config_method_eapmschapv2*>(cfg_method->m_inner.get()), *dynamic_cast<eap::credentials_pass *>(cred->m_inner.get()), &dlg, false); break;
case eap_type_t::gtc : {
// EAP-GTC credential prompt differes for "Challenge/Response" and "Password" authentication modes.
eap::credentials_identity *cred_resp;
eap::credentials_pass *cred_pass;
if ((cred_resp = dynamic_cast<eap::credentials_identity*>(cred->m_inner.get())) != NULL)
panel = new wxGTCResponseCredentialsPanel(*cfg_prov, *dynamic_cast<const eap::config_method_eapgtc*>(cfg_method->m_inner.get()), *cred_resp, &dlg, false);
else if ((cred_pass = dynamic_cast<eap::credentials_pass*>(cred->m_inner.get())) != NULL)
panel = new wxGTCPasswordCredentialsPanel(*cfg_prov, *dynamic_cast<const eap::config_method_eapgtc*>(cfg_method->m_inner.get()), *cred_pass, &dlg, false);
else
wxLogError("Unsupported authentication mode.");
break;
}
default: wxLogError("Unsupported inner authentication method.");
}
if (!panel)
throw invalid_argument("Invalid authentication mode");
wxEAPCredentialsPanelBase *panel = make_inner_credential_panel(*cfg_prov, *dynamic_cast<config_method_with_cred*>(cfg_method->m_inner.get()), cred->m_inner.get(), &dlg);
panel->SetRemember(src_inner == eap::credentials::source_t::storage);
dlg.AddContent(panel);
@@ -322,7 +301,7 @@ void eap::peer_ttls_ui::invoke_identity_ui(
}
void eap::peer_ttls_ui::invoke_interactive_ui(
void eap::peer_peap_ui::invoke_interactive_ui(
_In_ HWND hwndParent,
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_In_ DWORD dwUIContextDataSize,
@@ -416,3 +395,83 @@ void eap::peer_ttls_ui::invoke_interactive_ui(
// Pack output data.
pack(ctx.m_data, ppDataFromInteractiveUI, pdwDataFromInteractiveUISize);
}
wxEAPCredentialsPanelBase* eap::peer_peap_ui::make_inner_credential_panel(const config_provider &prov, const config_method_with_cred &cfg, credentials *cred, wxWindow *parent) const
{
switch (cfg.get_method_id()) {
case eap_type_t::mschapv2: return new wxMSCHAPv2CredentialsPanel(prov, dynamic_cast<const eap::config_method_eapmschapv2&>(cfg), *dynamic_cast<eap::credentials_pass*>(cred), parent, false); break;
case eap_type_t::gtc : {
// EAP-GTC credential prompt differes for "Challenge/Response" and "Password" authentication modes.
eap::credentials_identity *cred_resp;
eap::credentials_pass *cred_pass;
if ((cred_resp = dynamic_cast<eap::credentials_identity*>(cred)) != NULL)
return new wxGTCResponseCredentialsPanel(prov, dynamic_cast<const eap::config_method_eapgtc&>(cfg), *cred_resp, parent, false);
else if ((cred_pass = dynamic_cast<eap::credentials_pass*>(cred)) != NULL)
return new wxGTCPasswordCredentialsPanel(prov, dynamic_cast<const eap::config_method_eapgtc&>(cfg), *cred_pass, parent, false);
else
wxLogError("Unsupported authentication mode.");
break;
}
default: wxLogError("Unsupported inner authentication method.");
}
throw invalid_argument("Invalid authentication mode");
}
//////////////////////////////////////////////////////////////////////
// eap::peer_ttls_ui
//////////////////////////////////////////////////////////////////////
eap::peer_ttls_ui::peer_ttls_ui() : peer_peap_ui(eap_type_t::ttls, _T("EAP-TTLS_UI"))
{
}
eap::config_method* eap::peer_ttls_ui::make_config()
{
return new config_method_ttls(*this, 0);
}
void eap::peer_ttls_ui::invoke_config_ui(
_In_ HWND hwndParent,
_In_count_(dwConnectionDataInSize) const BYTE *pConnectionDataIn,
_In_ DWORD dwConnectionDataInSize,
_Out_ BYTE **ppConnectionDataOut,
_Out_ DWORD *pdwConnectionDataOutSize)
{
// Unpack configuration.
config_connection cfg(*this);
if (dwConnectionDataInSize) {
// Load existing configuration.
unpack(cfg, pConnectionDataIn, dwConnectionDataInSize);
} else {
// This is a blank network profile. `cfg` is already set to defaults.
}
// Initialize application.
wxInitializerPeer init(m_instance, m_domain, hwndParent);
// Create and launch configuration dialog.
wxEAPConfigDialog<wxTTLSConfigWindow> dlg(cfg, init.m_parent);
if (!init.m_parent) {
FLASHWINFO fwi = { sizeof(FLASHWINFO), dlg.GetHWND(), FLASHW_ALL | FLASHW_TIMERNOFG };
::FlashWindowEx(&fwi);
}
if (dlg.ShowModal() != wxID_OK)
throw win_runtime_error(ERROR_CANCELLED, __FUNCTION__ " Cancelled.");
// Pack new configuration.
pack(cfg, ppConnectionDataOut, pdwConnectionDataOutSize);
}
wxEAPCredentialsPanelBase* eap::peer_ttls_ui::make_inner_credential_panel(const config_provider &prov, const config_method_with_cred &cfg, credentials *cred, wxWindow *parent) const
{
switch (cfg.get_method_id()) {
case eap_type_t::legacy_pap : return new wxPAPCredentialsPanel (prov, dynamic_cast<const eap::config_method_pap &>(cfg), *dynamic_cast<eap::credentials_pass*>(cred), parent, false); break;
case eap_type_t::legacy_mschapv2: return new wxMSCHAPv2CredentialsPanel(prov, dynamic_cast<const eap::config_method_mschapv2&>(cfg), *dynamic_cast<eap::credentials_pass*>(cred), parent, false); break;
}
return peer_peap_ui::make_inner_credential_panel(prov, cfg, cred, parent);
}

161
lib/TTLS_UI/src/TTLS_UI.cpp
View File

@@ -112,12 +112,10 @@ void wxTLSTunnelConfigWindow::OnUpdateUI(wxUpdateUIEvent& event)
//////////////////////////////////////////////////////////////////////
// wxTTLSConfigWindow
// wxPEAPConfigWindow
//////////////////////////////////////////////////////////////////////
wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
m_cfg_pap (cfg.m_module, cfg.m_level + 1),
m_cfg_mschapv2 (cfg.m_module, cfg.m_level + 1),
wxPEAPConfigWindow::wxPEAPConfigWindow(eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
m_cfg_eapmschapv2(cfg.m_module, cfg.m_level + 1),
m_cfg_eapgtc (cfg.m_module, cfg.m_level + 1),
#if EAP_INNER_EAPHOST
@@ -125,97 +123,130 @@ wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_m
#endif
wxTLSTunnelConfigWindow(prov, cfg, parent)
{
wxPAPConfigPanel *panel_pap = new wxPAPConfigPanel(m_prov, m_cfg_pap, m_inner_type);
m_inner_type->AddPage(panel_pap, _("PAP"));
wxMSCHAPv2ConfigPanel *panel_mschapv2 = new wxMSCHAPv2ConfigPanel(m_prov, m_cfg_mschapv2, m_inner_type);
m_inner_type->AddPage(panel_mschapv2, _("MSCHAPv2"));
wxMSCHAPv2ConfigPanel *panel_eapmschapv2 = new wxMSCHAPv2ConfigPanel(m_prov, m_cfg_eapmschapv2, m_inner_type);
m_inner_type->AddPage(panel_eapmschapv2, _("EAP-MSCHAPv2"));
wxGTCConfigPanel *panel_eapgtc = new wxGTCConfigPanel(m_prov, m_cfg_eapgtc, m_inner_type);
m_inner_type->AddPage(panel_eapgtc, _("EAP-GTC"));
m_panel_eapmschapv2 = new wxMSCHAPv2ConfigPanel(m_prov, m_cfg_eapmschapv2, m_inner_type);
m_inner_type->AddPage(m_panel_eapmschapv2, _("EAP-MSCHAPv2"));
m_panel_eapgtc = new wxGTCConfigPanel(m_prov, m_cfg_eapgtc, m_inner_type);
m_inner_type->AddPage(m_panel_eapgtc, _("EAP-GTC"));
#if EAP_INNER_EAPHOST
wxEapHostConfigPanel *panel_eaphost = new wxEapHostConfigPanel(m_prov, m_cfg_eaphost, m_inner_type);
m_inner_type->AddPage(panel_eaphost, _("Other EAP methods..."));
m_panel_eaphost = new wxEapHostConfigPanel(m_prov, m_cfg_eaphost, m_inner_type);
m_inner_type->AddPage(m_panel_eaphost, _("Other EAP methods..."));
#endif
}
/// \cond internal
bool wxTTLSConfigWindow::TransferDataToWindow()
bool wxPEAPConfigWindow::TransferDataToWindow()
{
auto &cfg_ttls = dynamic_cast<eap::config_method_tls_tunnel&>(m_cfg);
// Native inner methods
switch (cfg_ttls.m_inner->get_method_id()) {
case winstd::eap_type_t::legacy_pap:
m_cfg_pap = dynamic_cast<eap::config_method_pap&>(*cfg_ttls.m_inner);
m_inner_type->SetSelection(0); // 0=PAP
break;
case winstd::eap_type_t::legacy_mschapv2:
m_cfg_mschapv2 = dynamic_cast<eap::config_method_mschapv2&>(*cfg_ttls.m_inner);
m_inner_type->SetSelection(1); // 1=MSCHAPv2
break;
auto &cfg = dynamic_cast<eap::config_method_tls_tunnel&>(m_cfg);
switch (cfg.m_inner->get_method_id()) {
case winstd::eap_type_t::mschapv2:
m_cfg_eapmschapv2 = dynamic_cast<eap::config_method_eapmschapv2&>(*cfg_ttls.m_inner);
m_inner_type->SetSelection(2); // 2=EAP-MSCHAPv2
m_cfg_eapmschapv2 = dynamic_cast<eap::config_method_eapmschapv2&>(*cfg.m_inner);
m_inner_type->SetSelection(m_inner_type->FindPage(m_panel_eapmschapv2));
break;
case winstd::eap_type_t::gtc:
m_cfg_eapgtc = dynamic_cast<eap::config_method_eapgtc&>(*cfg_ttls.m_inner);
m_inner_type->SetSelection(3); // 3=EAP-GTC
m_cfg_eapgtc = dynamic_cast<eap::config_method_eapgtc&>(*cfg.m_inner);
m_inner_type->SetSelection(m_inner_type->FindPage(m_panel_eapgtc));
break;
#if EAP_INNER_EAPHOST
case winstd::eap_type_t::undefined:
m_cfg_eaphost = dynamic_cast<eap::config_method_eaphost&>(*cfg_ttls.m_inner);
m_inner_type->SetSelection(4); // 4=EapHost
m_cfg_eaphost = dynamic_cast<eap::config_method_eaphost&>(*cfg.m_inner);
m_inner_type->SetSelection(m_inner_type->FindPage(m_panel_eaphost));
break;
default:
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
#endif
}
// Do not invoke inherited TransferDataToWindow(), as it will call others TransferDataToWindow().
// This will handle wxTTLSConfigWindow::OnInitDialog() via wxEVT_INIT_DIALOG forwarding.
return true /*wxScrolledWindow::TransferDataToWindow()*/;
return wxTLSTunnelConfigWindow::TransferDataToWindow();
}
bool wxTTLSConfigWindow::TransferDataFromWindow()
bool wxPEAPConfigWindow::TransferDataFromWindow()
{
wxCHECK(wxTLSTunnelConfigWindow::TransferDataFromWindow(), false);
auto &cfg_ttls = dynamic_cast<eap::config_method_tls_tunnel&>(m_cfg);
auto &cfg = dynamic_cast<eap::config_method_tls_tunnel&>(m_cfg);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Save the data.
switch (m_inner_type->GetSelection()) {
case 0: // 0=PAP
cfg_ttls.m_inner.reset(new eap::config_method_pap(m_cfg_pap));
break;
case 1: // 1=MSCHAPv2
cfg_ttls.m_inner.reset(new eap::config_method_mschapv2(m_cfg_mschapv2));
break;
case 2: // 2=EAP-MSCHAPv2
cfg_ttls.m_inner.reset(new eap::config_method_eapmschapv2(m_cfg_eapmschapv2));
break;
case 3: // 3=EAP-GTC
cfg_ttls.m_inner.reset(new eap::config_method_eapgtc(m_cfg_eapgtc));
break;
int idx = m_inner_type->GetSelection();
if (idx != wxNOT_FOUND) {
wxWindow *page = m_inner_type->GetPage(idx);
if (page == m_panel_eapmschapv2)
cfg.m_inner.reset(new eap::config_method_eapmschapv2(m_cfg_eapmschapv2));
else if (page == m_panel_eapgtc)
cfg.m_inner.reset(new eap::config_method_eapgtc(m_cfg_eapgtc));
#if EAP_INNER_EAPHOST
case 4: // 4=EapHost
cfg_ttls.m_inner.reset(new eap::config_method_eaphost(m_cfg_eaphost));
break;
else if (page == m_panel_eaphost)
cfg.m_inner.reset(new eap::config_method_eaphost(m_cfg_eaphost));
#endif
default:
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
}
}
return true;
}
/// \endcond
//////////////////////////////////////////////////////////////////////
// wxTTLSConfigWindow
//////////////////////////////////////////////////////////////////////
wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
m_cfg_pap (cfg.m_module, cfg.m_level + 1),
m_cfg_mschapv2(cfg.m_module, cfg.m_level + 1),
wxPEAPConfigWindow(prov, cfg, parent)
{
m_panel_pap = new wxPAPConfigPanel(m_prov, m_cfg_pap, m_inner_type);
m_inner_type->InsertPage(0, m_panel_pap, _("PAP"));
m_panel_mschapv2 = new wxMSCHAPv2ConfigPanel(m_prov, m_cfg_mschapv2, m_inner_type);
m_inner_type->InsertPage(1, m_panel_mschapv2, _("MSCHAPv2"));
m_panel_pap->SetFocusFromKbd();
}
/// \cond internal
bool wxTTLSConfigWindow::TransferDataToWindow()
{
auto &cfg = dynamic_cast<eap::config_method_tls_tunnel&>(m_cfg);
// Native inner methods
switch (cfg.m_inner->get_method_id()) {
case winstd::eap_type_t::legacy_pap:
m_cfg_pap = dynamic_cast<eap::config_method_pap&>(*cfg.m_inner);
m_inner_type->SetSelection(m_inner_type->FindPage(m_panel_pap));
break;
case winstd::eap_type_t::legacy_mschapv2:
m_cfg_mschapv2 = dynamic_cast<eap::config_method_mschapv2&>(*cfg.m_inner);
m_inner_type->SetSelection(m_inner_type->FindPage(m_panel_mschapv2));
break;
}
return wxPEAPConfigWindow::TransferDataToWindow();
}
bool wxTTLSConfigWindow::TransferDataFromWindow()
{
wxCHECK(wxPEAPConfigWindow::TransferDataFromWindow(), false);
auto &cfg = dynamic_cast<eap::config_method_tls_tunnel&>(m_cfg);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Save the data.
int idx = m_inner_type->GetSelection();
if (idx != wxNOT_FOUND) {
wxWindow *page = m_inner_type->GetPage(idx);
if (page == m_panel_pap)
cfg.m_inner.reset(new eap::config_method_pap(m_cfg_pap));
else if (page == m_panel_mschapv2)
cfg.m_inner.reset(new eap::config_method_mschapv2(m_cfg_mschapv2));
}
}