From 198b9a576e59e7db4f152ec1bae304c650114345 Mon Sep 17 00:00:00 2001 From: Simon Rozman Date: Fri, 2 Sep 2016 10:19:39 +0200 Subject: [PATCH] Maximum packet size parameter is now optional --- lib/EAPBase/include/Method.h | 2 +- lib/EAPBase/src/Method.cpp | 2 +- lib/MSCHAPv2/include/Method.h | 2 +- lib/MSCHAPv2/src/Method.cpp | 2 +- lib/PAP/include/Method.h | 2 +- lib/PAP/src/Method.cpp | 2 +- lib/TLS/include/Method.h | 2 +- lib/TLS/src/Method.cpp | 2 +- lib/TTLS/include/Method.h | 4 +--- lib/TTLS/src/Method.cpp | 31 ++++++++++++------------------- 10 files changed, 21 insertions(+), 30 deletions(-) diff --git a/lib/EAPBase/include/Method.h b/lib/EAPBase/include/Method.h index db7ad40..fd32262 100644 --- a/lib/EAPBase/include/Method.h +++ b/lib/EAPBase/include/Method.h @@ -84,7 +84,7 @@ namespace eap _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize); + _In_opt_ DWORD dwMaxSendPacketSize = MAXDWORD); /// /// Ends an EAP authentication session for the EAP method. diff --git a/lib/EAPBase/src/Method.cpp b/lib/EAPBase/src/Method.cpp index c4c6a53..6c8ad8f 100644 --- a/lib/EAPBase/src/Method.cpp +++ b/lib/EAPBase/src/Method.cpp @@ -62,7 +62,7 @@ void eap::method::begin_session( _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize) + _In_opt_ DWORD dwMaxSendPacketSize) { UNREFERENCED_PARAMETER(dwFlags); UNREFERENCED_PARAMETER(pAttributeArray); diff --git a/lib/MSCHAPv2/include/Method.h b/lib/MSCHAPv2/include/Method.h index 4b33645..0fc435b 100644 --- a/lib/MSCHAPv2/include/Method.h +++ b/lib/MSCHAPv2/include/Method.h @@ -77,7 +77,7 @@ namespace eap _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize); + _In_opt_ DWORD dwMaxSendPacketSize = MAXDWORD); /// /// Processes a packet received by EapHost from a supplicant. 
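Review bot: `_In_opt_` on `dwMaxSendPacketSize` in `eap::method::begin_session` is the SAL annotation for pointer parameters that may be null; on a by-value `DWORD` it says nothing to the analyzer and misleads readers, so `_In_ DWORD dwMaxSendPacketSize = MAXDWORD` would be the accurate form. The same applies to the MSCHAPv2, PAP, TLS and TTLS declarations and to the five definitions changed in this patch. The doc comment above the declaration (outside the hunk) should state that `MAXDWORD` means "no limit imposed by the caller". If `begin_session` is virtual, as the identical redeclarations in the derived classes suggest, the default is picked by the static type at the call site, so all five headers have to keep the same default value.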
diff --git a/lib/MSCHAPv2/src/Method.cpp b/lib/MSCHAPv2/src/Method.cpp index 349e5da..d6f3044 100644 --- a/lib/MSCHAPv2/src/Method.cpp +++ b/lib/MSCHAPv2/src/Method.cpp @@ -65,7 +65,7 @@ void eap::method_mschapv2::begin_session( _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize) + _In_opt_ DWORD dwMaxSendPacketSize) { method::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize); diff --git a/lib/PAP/include/Method.h b/lib/PAP/include/Method.h index cec4480..6540b39 100644 --- a/lib/PAP/include/Method.h +++ b/lib/PAP/include/Method.h @@ -77,7 +77,7 @@ namespace eap _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize); + _In_opt_ DWORD dwMaxSendPacketSize = MAXDWORD); /// /// Processes a packet received by EapHost from a supplicant. diff --git a/lib/PAP/src/Method.cpp b/lib/PAP/src/Method.cpp index 32f9722..89f3520 100644 --- a/lib/PAP/src/Method.cpp +++ b/lib/PAP/src/Method.cpp @@ -65,7 +65,7 @@ void eap::method_pap::begin_session( _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize) + _In_opt_ DWORD dwMaxSendPacketSize) { method::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize); diff --git a/lib/TLS/include/Method.h b/lib/TLS/include/Method.h index d7af691..2575f8a 100644 --- a/lib/TLS/include/Method.h +++ b/lib/TLS/include/Method.h @@ -98,7 +98,7 @@ namespace eap _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize); + _In_opt_ DWORD dwMaxSendPacketSize = MAXDWORD); /// /// Processes a packet received by EapHost from a supplicant. diff --git a/lib/TLS/src/Method.cpp b/lib/TLS/src/Method.cpp index cecce18..532745e 100644 --- a/lib/TLS/src/Method.cpp +++ b/lib/TLS/src/Method.cpp 
@@ -190,7 +190,7 @@ void eap::method_tls::begin_session( _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize) + _In_opt_ DWORD dwMaxSendPacketSize) { method::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize); diff --git a/lib/TTLS/include/Method.h b/lib/TTLS/include/Method.h index 5c786ba..6a2c35d 100644 --- a/lib/TTLS/include/Method.h +++ b/lib/TTLS/include/Method.h @@ -78,7 +78,7 @@ namespace eap _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize); + _In_opt_ DWORD dwMaxSendPacketSize = MAXDWORD); /// /// Ends an EAP authentication session for the EAP method. @@ -147,7 +147,5 @@ namespace eap } m_version; ///< EAP-TTLS version std::unique_ptr m_inner; ///< Inner authentication method - unsigned char m_inner_packet_id; ///< Inner packet ID - DWORD m_size_inner_packet_max; ///< Maximum size of inner response packet }; } diff --git a/lib/TTLS/src/Method.cpp b/lib/TTLS/src/Method.cpp index e410f19..8e17609 100644 --- a/lib/TTLS/src/Method.cpp +++ b/lib/TTLS/src/Method.cpp @@ -32,21 +32,17 @@ eap::method_ttls::method_ttls(_In_ module &module, _In_ config_method_ttls &cfg, m_cfg(cfg), m_cred(cred), m_version(version_0), - m_inner_packet_id(0), - m_size_inner_packet_max(0), method_tls(module, cfg, cred) { } eap::method_ttls::method_ttls(_Inout_ method_ttls &&other) : - m_cfg ( other.m_cfg ), - m_cred ( other.m_cred ), - m_version (std::move(other.m_version )), - m_inner (std::move(other.m_inner )), - m_inner_packet_id (std::move(other.m_inner_packet_id )), - m_size_inner_packet_max(std::move(other.m_size_inner_packet_max)), - method_tls (std::move(other )) + m_cfg ( other.m_cfg ), + m_cred ( other.m_cred ), + m_version (std::move(other.m_version)), + m_inner (std::move(other.m_inner )), + method_tls(std::move(other )) { } 
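Review bot: In both constructors of the `lib/TTLS/src/Method.cpp` hunk the base initializer `method_tls(...)` is written last, although the base is initialized before any member; in the move constructor this means `other` has already been handed to `std::move` when `other.m_version` and `other.m_inner` are read. That is safe only while the `method_tls` move constructor touches nothing beyond its own subobject, which is not visible here. Listing `method_tls(std::move(other))` first and adding `// base is moved first; only method_ttls members of other are read below` would make the dependency explicit. `std::move` on `m_version`, which appears to be an enum, is a plain copy and can be dropped.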
@@ -54,11 +50,9 @@ eap::method_ttls::method_ttls(_Inout_ method_ttls &&other) : eap::method_ttls& eap::method_ttls::operator=(_Inout_ method_ttls &&other) { if (this != std::addressof(other)) { - (method_tls&)*this = std::move(other ); - m_version = std::move(other.m_version ); - m_inner = std::move(other.m_inner ); - m_inner_packet_id = std::move(other.m_inner_packet_id ); - m_size_inner_packet_max = std::move(other.m_size_inner_packet_max); + (method_tls&)*this = std::move(other ); + m_version = std::move(other.m_version); + m_inner = std::move(other.m_inner ); } return *this; @@ -69,7 +63,7 @@ void eap::method_ttls::begin_session( _In_ DWORD dwFlags, _In_ const EapAttributes *pAttributeArray, _In_ HANDLE hTokenImpersonateUser, - _In_ DWORD dwMaxSendPacketSize) + _In_opt_ DWORD dwMaxSendPacketSize) { method_tls::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize); @@ -79,8 +73,7 @@ void eap::method_ttls::begin_session( case eap_type_legacy_mschapv2: m_inner.reset(new method_mschapv2(m_module, (config_method_mschapv2&)*m_cfg.m_inner, (credentials_mschapv2&)*m_cred.m_inner.get())); break; default: throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method."); } - m_inner->begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, m_size_inner_packet_max = dwMaxSendPacketSize); // TODO: Maximum inner packet size should have subtracted TLS overhead - m_inner_packet_id = 0; + m_inner->begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, MAXDWORD); } 
@@ -243,8 +236,8 @@ void eap::method_ttls::process_application_data(_In_bytecount_(size_msg) const v if (FAILED(status)) throw sec_runtime_error(status, __FUNCTION__ " Error getting Schannel required encryption sizes."); - sanitizing_blob data(sizes.cbHeader + m_size_inner_packet_max + sizes.cbTrailer, 0); - DWORD size_data = m_size_inner_packet_max; + sanitizing_blob data(sizes.cbHeader + sizes.cbMaximumMessage + sizes.cbTrailer, 0); + DWORD size_data = sizes.cbMaximumMessage; unsigned char *ptr_data = data.data() + sizes.cbHeader; #endif m_inner->get_response_packet(ptr_data, &size_data);