Amebis/GEANTLink
Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

win_runtime_error moved to WinStd; eapxml functions return HRESULT now

Browse Source
This commit is contained in:
Simon Rozman 2016-08-09 01:05:00 +02:00
parent b71e30f642
commit 1bf51fda25
23 changed files with 315 additions and 454 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CredWrite/Main.cpp
View File

@ -86,8 +86,8 @@ static int CredWrite()
eap::credentials_pap cred_stored(g_module);
try {
cred_stored.retrieve(target_name.c_str());
} catch(eap::win_runtime_error &err) {
OutputDebugStr(_T("%ls (error %u)\n"), err.m_msg.c_str(), err.m_error);
} catch(win_runtime_error &err) {
OutputDebugStr(_T("%hs (error %u)\n"), err.what(), err.number());
} catch(...) {
OutputDebugStr(_T("Reading credentials failed.\n"));
}
@ -95,8 +95,8 @@ static int CredWrite()
#endif
try {
cred.store(target_name.c_str());
} catch(eap::win_runtime_error &err) {
OutputDebugStr(_T("%ls (error %u)\n"), err.m_msg.c_str(), err.m_error);
} catch(win_runtime_error &err) {
OutputDebugStr(_T("%hs (error %u)\n"), err.what(), err.number());
return 2;
} catch(...) {
OutputDebugStr(_T("Writing credentials failed.\n"));

8
EAPMethods/src/Main.cpp
View File

@ -743,7 +743,7 @@ DWORD WINAPI EapPeerCredentialsXml2Blob(
else {
// <Credentials>
com_obj<IXMLDOMNode> pXmlElCredentials;
if ((dwResult = eapxml::select_node(pCredentialsDoc, bstr(L"//EapHostUserCredentials/Credentials"), &pXmlElCredentials)) != ERROR_SUCCESS) {
if (FAILED(eapxml::select_node(pCredentialsDoc, bstr(L"//EapHostUserCredentials/Credentials"), &pXmlElCredentials))) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <EapHostUserCredentials><Credentials> element.")));
return dwResult;
}
@ -880,7 +880,7 @@ DWORD WINAPI EapPeerQueryInteractiveUIInputFields(
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_Out_ EAP_INTERACTIVE_UI_DATA *pEapInteractiveUIData,
_Out_ EAP_ERROR **ppEapError,
_Inout_ LPVOID *pvReserved)
_Inout_ LPVOID *ppvReserved)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
@ -901,6 +901,8 @@ DWORD WINAPI EapPeerQueryInteractiveUIInputFields(
else if (!pEapInteractiveUIData)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapInteractiveUIData is NULL.")));
else {
UNREFERENCED_PARAMETER(ppvReserved);
try {
g_peer.query_interactive_ui_input_fields(dwVersion, dwFlags, dwUIContextDataSize, pUIContextData, pEapInteractiveUIData);
} catch (std::exception &err) {
@ -952,6 +954,8 @@ DWORD WINAPI EapPeerQueryUIBlobFromInteractiveUIInputFields(
else if (!ppDataFromInteractiveUI)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppDataFromInteractiveUI is NULL.")));
else {
UNREFERENCED_PARAMETER(ppvReserved);
try {
g_peer.query_ui_blob_from_interactive_ui_input_fields(dwVersion, dwFlags, dwUIContextDataSize, pUIContextData, pEapInteractiveUIData, pdwDataFromInteractiveUISize, ppDataFromInteractiveUI);
} catch (std::exception &err) {

8
EAPMethods/src/Main_UI.cpp
View File

@ -133,8 +133,8 @@ DWORD WINAPI EapPeerConfigXml2Blob(
// <Config>
pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\""));
com_obj<IXMLDOMElement> pXmlElConfig;
if ((dwResult = eapxml::select_element(pConfigDoc, bstr(L"//eaphostconfig:Config"), &pXmlElConfig)) != ERROR_SUCCESS) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult, _T(__FUNCTION__) _T(" Error reading <Config> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document.")));
if (FAILED(eapxml::select_element(pConfigDoc, bstr(L"//eaphostconfig:Config"), &pXmlElConfig))) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" Error reading <Config> element.")));
return dwResult;
}
@ -215,8 +215,8 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
// Select <Config> node.
com_obj<IXMLDOMNode> pXmlElConfig;
pDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\""));
if ((dwResult = eapxml::select_node(pDoc, bstr(L"eaphostconfig:Config"), &pXmlElConfig)) != ERROR_SUCCESS) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <Config> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document.")));
if (FAILED(eapxml::select_node(pDoc, bstr(L"eaphostconfig:Config"), &pXmlElConfig))) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <Config> element.")));
return dwResult;
}

1
lib/EAPBase/build/EAPBase.vcxproj
View File

@ -90,7 +90,6 @@
<ItemGroup>
<ClCompile Include="..\src\Config.cpp" />
<ClCompile Include="..\src\Credentials.cpp" />
<ClCompile Include="..\src\EAP.cpp" />
<ClCompile Include="..\src\Module.cpp" />
<ClCompile Include="..\src\Method.cpp" />
<ClCompile Include="..\src\StdAfx.cpp">

3
lib/EAPBase/build/EAPBase.vcxproj.filters
View File

@ -49,8 +49,5 @@
<ClCompile Include="..\src\Module.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\EAP.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
</Project>

59
lib/EAPBase/include/EAP.h
View File

@ -37,7 +37,6 @@
#include <list>
#include <memory>
#include <stdexcept>
#include <string>
#include <vector>
@ -57,11 +56,6 @@ namespace eap
/// Sanitizing dynamically allocated BLOB
///
typedef std::vector<unsigned char, winstd::sanitizing_allocator<unsigned char> > sanitizing_blob;
///
/// Windows runtime error
///
class win_runtime_error;
}
///
@ -375,59 +369,6 @@ namespace eap
ptr_type ptr; ///< Pointer to first data unread
ptr_type ptr_end; ///< Pointer to the end of BLOB
};
class win_runtime_error : public std::runtime_error
{
public:
///
/// Constructs an exception
///
/// \param[in] error Windows error code
/// \param[in] msg Error message
///
win_runtime_error(_In_ DWORD error, _In_ const winstd::tstring& msg);
///
/// Constructs an exception
///
/// \param[in] error Windows error code
/// \param[in] msg Error message
///
win_runtime_error(_In_ DWORD error, _In_z_ const TCHAR *msg);
///
/// Constructs an exception using `GetLastError()`
///
/// \param[in] msg Error message
///
win_runtime_error(_In_ const winstd::tstring& msg);
///
/// Constructs an exception using `GetLastError()`
///
/// \param[in] msg Error message
///
win_runtime_error(_In_z_ const TCHAR *msg);
///
/// Copies an exception
///
/// \param[in] other Exception to copy from
///
win_runtime_error(const win_runtime_error &other);
///
/// Copies an exception
///
/// \param[in] other Exception to copy from
///
win_runtime_error& operator=(const win_runtime_error &other);
public:
DWORD m_error; ///< Windows error code
winstd::tstring m_msg; ///< Error description
};
}

166
lib/EAPBase/include/EAPXML.h
View File

@ -27,27 +27,27 @@
namespace eapxml
{
inline DWORD get_document(_In_ IXMLDOMNode *pXmlNode, _Out_ IXMLDOMDocument2 **ppXmlDoc);
inline DWORD select_node(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrNodeName, _Out_ IXMLDOMNode **ppXmlNode);
inline DWORD select_nodes(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrNodeName, _Out_ IXMLDOMNodeList **ppXmlNodes);
inline DWORD select_element(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ IXMLDOMElement **ppXmlElement);
inline DWORD create_element(_In_ IXMLDOMDocument *pDoc, _In_z_ const BSTR bstrElementName, _In_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement);
inline DWORD create_element(_In_ IXMLDOMDocument *pDoc, IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementNameSelect, _In_z_ const BSTR bstrElementNameCreate, _In_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement);
inline HRESULT get_document(_In_ IXMLDOMNode *pXmlNode, _Out_ IXMLDOMDocument2 **ppXmlDoc);
inline HRESULT select_node(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrNodeName, _Out_ IXMLDOMNode **ppXmlNode);
inline HRESULT select_nodes(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrNodeName, _Out_ IXMLDOMNodeList **ppXmlNodes);
inline HRESULT select_element(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ IXMLDOMElement **ppXmlElement);
inline HRESULT create_element(_In_ IXMLDOMDocument *pDoc, _In_z_ const BSTR bstrElementName, _In_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement);
inline HRESULT create_element(_In_ IXMLDOMDocument *pDoc, IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementNameSelect, _In_z_ const BSTR bstrElementNameCreate, _In_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement);
inline bool has_parent(_In_ IXMLDOMNode *pXmlNode);
inline DWORD get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ BSTR *pbstrValue);
template<class _Traits, class _Ax> inline DWORD get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &sValue);
inline DWORD get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ DWORD *pdwValue);
inline DWORD get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ bool *pbValue);
template<class _Ty, class _Ax> inline DWORD get_element_base64(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::vector<_Ty, _Ax> &aValue);
template<class _Ty, class _Ax> inline DWORD get_element_hex(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::vector<_Ty, _Ax> &aValue);
inline DWORD get_element_localized(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _In_z_ LPCWSTR pszLang, _Out_ BSTR *pbstrValue);
template<class _Traits, class _Ax> inline DWORD get_element_localized(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _In_z_ LPCWSTR pszLang, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &sValue);
inline DWORD put_element(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement);
inline DWORD put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_z_ const BSTR bstrValue);
inline DWORD put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ DWORD dwValue);
inline DWORD put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ bool bValue);
inline DWORD put_element_base64(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_count_(nValueLen) LPCVOID pValue, _In_ SIZE_T nValueLen);
inline DWORD put_element_hex(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_count_(nValueLen) LPCVOID pValue, _In_ SIZE_T nValueLen);
inline HRESULT get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ BSTR *pbstrValue);
template<class _Traits, class _Ax> inline HRESULT get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &sValue);
inline HRESULT get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ DWORD *pdwValue);
inline HRESULT get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ bool *pbValue);
template<class _Ty, class _Ax> inline HRESULT get_element_base64(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::vector<_Ty, _Ax> &aValue);
template<class _Ty, class _Ax> inline HRESULT get_element_hex(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::vector<_Ty, _Ax> &aValue);
inline HRESULT get_element_localized(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _In_z_ LPCWSTR pszLang, _Out_ BSTR *pbstrValue);
template<class _Traits, class _Ax> inline HRESULT get_element_localized(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _In_z_ LPCWSTR pszLang, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &sValue);
inline HRESULT put_element(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement);
inline HRESULT put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_z_ const BSTR bstrValue);
inline HRESULT put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ DWORD dwValue);
inline HRESULT put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ bool bValue);
inline HRESULT put_element_base64(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_count_(nValueLen) LPCVOID pValue, _In_ SIZE_T nValueLen);
inline HRESULT put_element_hex(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_count_(nValueLen) LPCVOID pValue, _In_ SIZE_T nValueLen);
inline std::wstring get_xpath(_In_ IXMLDOMNode *pXmlNode);
}
@ -62,7 +62,7 @@ namespace eapxml
namespace eapxml
{
inline DWORD get_document(_In_ IXMLDOMNode *pXmlNode, _Out_ IXMLDOMDocument2 **ppXmlDoc)
inline HRESULT get_document(_In_ IXMLDOMNode *pXmlNode, _Out_ IXMLDOMDocument2 **ppXmlDoc)
{
assert(pXmlNode);
assert(ppXmlDoc);
@ -72,11 +72,11 @@ namespace eapxml
return
SUCCEEDED(hr = pXmlNode->get_ownerDocument(&doc)) &&
SUCCEEDED(hr = doc.query_interface(ppXmlDoc)) ? ERROR_SUCCESS : HRESULT_CODE(hr);
SUCCEEDED(hr = doc.query_interface(ppXmlDoc)) ? S_OK : hr;
}
inline DWORD select_node(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrNodeName, _Out_ IXMLDOMNode **ppXmlNode)
inline HRESULT select_node(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrNodeName, _Out_ IXMLDOMNode **ppXmlNode)
{
assert(pXmlParent);
assert(ppXmlNode);
@ -85,11 +85,11 @@ namespace eapxml
return
SUCCEEDED(hr = pXmlParent->selectSingleNode(bstrNodeName, ppXmlNode)) ?
*ppXmlNode ? ERROR_SUCCESS : ERROR_NO_DATA : HRESULT_CODE(hr);
*ppXmlNode ? S_OK : E_NOT_SET : hr;
}
inline DWORD select_nodes(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrNodeName, _Out_ IXMLDOMNodeList **ppXmlNodes)
inline HRESULT select_nodes(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrNodeName, _Out_ IXMLDOMNodeList **ppXmlNodes)
{
assert(pXmlParent);
assert(ppXmlNodes);
@ -98,26 +98,25 @@ namespace eapxml
return
SUCCEEDED(hr = pXmlParent->selectNodes(bstrNodeName, ppXmlNodes)) ?
*ppXmlNodes ? ERROR_SUCCESS : ERROR_NO_DATA : HRESULT_CODE(hr);
*ppXmlNodes ? S_OK : E_NOT_SET : hr;
}
inline DWORD select_element(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ IXMLDOMElement **ppXmlElement)
inline HRESULT select_element(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ IXMLDOMElement **ppXmlElement)
{
assert(ppXmlElement);
DWORD dwResult;
HRESULT hr;
winstd::com_obj<IXMLDOMNode> pXmlNode;
return
(dwResult = select_node(pXmlParent, bstrElementName, &pXmlNode)) == ERROR_SUCCESS ?
SUCCEEDED(hr = select_node(pXmlParent, bstrElementName, &pXmlNode)) ?
SUCCEEDED(hr = pXmlNode.query_interface(ppXmlElement)) ?
*ppXmlElement ? ERROR_SUCCESS : ERROR_NO_DATA : HRESULT_CODE(hr) : dwResult;
*ppXmlElement ? S_OK : E_NOT_SET : hr : hr;
}
inline DWORD create_element(_In_ IXMLDOMDocument *pDoc, _In_z_ const BSTR bstrElementName, _In_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement)
inline HRESULT create_element(_In_ IXMLDOMDocument *pDoc, _In_z_ const BSTR bstrElementName, _In_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement)
{
assert(pDoc);
assert(ppXmlElement);
@ -129,23 +128,22 @@ namespace eapxml
return
SUCCEEDED(hr = pDoc->createNode(varNodeTypeEl, bstrElementName, bstrNamespace, &pXmlNode)) ?
SUCCEEDED(hr = pXmlNode.query_interface(ppXmlElement)) ?
*ppXmlElement ? ERROR_SUCCESS : ERROR_NO_DATA : HRESULT_CODE(hr) : HRESULT_CODE(hr);
*ppXmlElement ? S_OK : E_NOT_SET : hr : hr;
}
inline DWORD create_element(_In_ IXMLDOMDocument *pDoc, IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementNameSelect, _In_z_ const BSTR bstrElementNameCreate, _In_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement)
inline HRESULT create_element(_In_ IXMLDOMDocument *pDoc, IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementNameSelect, _In_z_ const BSTR bstrElementNameCreate, _In_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement)
{
assert(pDoc);
assert(pXmlParent);
assert(ppXmlElement);
DWORD dwResult;
HRESULT hr;
return
(dwResult = select_element(pXmlParent, bstrElementNameSelect, ppXmlElement)) == ERROR_SUCCESS ? ERROR_SUCCESS :
(dwResult = create_element(pDoc, bstrElementNameCreate, bstrNamespace, ppXmlElement)) == ERROR_SUCCESS ?
SUCCEEDED(hr = pXmlParent->appendChild(*ppXmlElement, NULL)) ? ERROR_SUCCESS : HRESULT_CODE(hr) : dwResult;
SUCCEEDED(hr = select_element(pXmlParent, bstrElementNameSelect, ppXmlElement)) ? S_OK :
SUCCEEDED(hr = create_element(pDoc, bstrElementNameCreate, bstrNamespace, ppXmlElement)) ?
SUCCEEDED(hr = pXmlParent->appendChild(*ppXmlElement, NULL)) ? S_OK : hr : hr;
}
@ -159,51 +157,50 @@ namespace eapxml
}
inline DWORD get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ BSTR *pbstrValue)
inline HRESULT get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ BSTR *pbstrValue)
{
assert(pbstrValue);
DWORD dwResult;
HRESULT hr;
winstd::com_obj<IXMLDOMElement> pXmlElement;
return
(dwResult = select_element(pXmlParent, bstrElementName, &pXmlElement)) == ERROR_SUCCESS ?
SUCCEEDED(hr = select_element(pXmlParent, bstrElementName, &pXmlElement)) ?
SUCCEEDED(hr = pXmlElement->get_text(pbstrValue)) ?
*pbstrValue ? ERROR_SUCCESS : ERROR_NO_DATA : HRESULT_CODE(hr) : dwResult;
*pbstrValue ? S_OK : E_NOT_SET : hr : hr;
}
template<class _Traits, class _Ax>
inline DWORD get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &sValue)
inline HRESULT get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &sValue)
{
winstd::bstr bstr;
DWORD dwResult = get_element_value(pXmlParent, bstrElementName, &bstr);
if (dwResult == ERROR_SUCCESS)
HRESULT hr = get_element_value(pXmlParent, bstrElementName, &bstr);
if (SUCCEEDED(hr))
sValue.assign(bstr, bstr.length());
return dwResult;
return hr;
}
inline DWORD get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ DWORD *pdwValue)
inline HRESULT get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ DWORD *pdwValue)
{
assert(pdwValue);
winstd::bstr bstr;
DWORD dwResult = get_element_value(pXmlParent, bstrElementName, &bstr);
if (dwResult == ERROR_SUCCESS)
HRESULT hr = get_element_value(pXmlParent, bstrElementName, &bstr);
if (SUCCEEDED(hr))
*pdwValue = wcstoul(bstr, NULL, 10);
return dwResult;
return hr;
}
inline DWORD get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ bool *pbValue)
inline HRESULT get_element_value(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ bool *pbValue)
{
assert(pbValue);
winstd::bstr bstr;
DWORD dwResult = get_element_value(pXmlParent, bstrElementName, &bstr);
if (dwResult == ERROR_SUCCESS) {
HRESULT hr = get_element_value(pXmlParent, bstrElementName, &bstr);
if (SUCCEEDED(hr)) {
if (CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstr, bstr.length(), L"true" , -1, NULL, NULL, 0) == CSTR_EQUAL ||
CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstr, bstr.length(), L"1" , -1, NULL, NULL, 0) == CSTR_EQUAL)
*pbValue = true;
@ -212,63 +209,62 @@ namespace eapxml
CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstr, bstr.length(), L"0" , -1, NULL, NULL, 0) == CSTR_EQUAL)
*pbValue = false;
else
dwResult = ERROR_INVALID_DATA;
hr = E_NOT_VALID_STATE;
}
return dwResult;
return hr;
}
template<class _Ty, class _Ax>
inline DWORD get_element_base64(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::vector<_Ty, _Ax> &aValue)
inline HRESULT get_element_base64(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::vector<_Ty, _Ax> &aValue)
{
winstd::bstr bstr;
DWORD dwResult = get_element_value(pXmlParent, bstrElementName, &bstr);
if (dwResult == ERROR_SUCCESS) {
HRESULT hr = get_element_value(pXmlParent, bstrElementName, &bstr);
if (SUCCEEDED(hr)) {
winstd::base64_dec dec;
bool is_last;
dec.decode(aValue, is_last, (BSTR)bstr, bstr.length());
}
return dwResult;
return hr;
}
template<class _Ty, class _Ax>
inline DWORD get_element_hex(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::vector<_Ty, _Ax> &aValue)
inline HRESULT get_element_hex(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _Out_ std::vector<_Ty, _Ax> &aValue)
{
winstd::bstr bstr;
DWORD dwResult = get_element_value(pXmlParent, bstrElementName, &bstr);
if (dwResult == ERROR_SUCCESS) {
HRESULT hr = get_element_value(pXmlParent, bstrElementName, &bstr);
if (SUCCEEDED(hr)) {
winstd::hex_dec dec;
bool is_last;
dec.decode(aValue, is_last, (BSTR)bstr, bstr.length());
}
return dwResult;
return hr;
}
inline DWORD get_element_localized(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _In_z_ LPCWSTR pszLang, _Out_ BSTR *pbstrValue)
inline HRESULT get_element_localized(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _In_z_ LPCWSTR pszLang, _Out_ BSTR *pbstrValue)
{
assert(pbstrValue);
HRESULT hr;
winstd::com_obj<IXMLDOMElement> pXmlElement;
DWORD dwResult = select_element(pXmlParent, bstrElementName, &pXmlElement);
if (dwResult != ERROR_SUCCESS)
return dwResult;
if (FAILED(hr = select_element(pXmlParent, bstrElementName, &pXmlElement)))
return hr;
winstd::com_obj<IXMLDOMNodeList> pXmlListLocalizedText;
long lCount = 0;
if (select_nodes(pXmlElement, winstd::bstr(L"eap-metadata:localized-text"), &pXmlListLocalizedText) != ERROR_SUCCESS ||
if (FAILED(select_nodes(pXmlElement, winstd::bstr(L"eap-metadata:localized-text"), &pXmlListLocalizedText)) ||
FAILED(pXmlListLocalizedText->get_length(&lCount)) ||
lCount <= 0)
{
return
SUCCEEDED(hr = pXmlElement->get_text(pbstrValue)) ?
*pbstrValue ? ERROR_SUCCESS : ERROR_NO_DATA : HRESULT_CODE(hr);
*pbstrValue ? S_OK : E_NOT_SET : hr;
}
winstd::bstr bstrDefault, bstrEn;
@ -277,11 +273,11 @@ namespace eapxml
if (bstrDefault != NULL) {
// Return "C" localization.
*pbstrValue = bstrDefault.detach();
return ERROR_SUCCESS;
return S_OK;
} else if (bstrEn != NULL) {
// Return "en" localization.
*pbstrValue = bstrEn.detach();
return ERROR_SUCCESS;
return S_OK;
} else
return ERROR_NOT_FOUND;
}
@ -292,12 +288,12 @@ namespace eapxml
{
// Read <lang>.
winstd::bstr bstrLang;
if (get_element_value(pXmlElLocalizedText, winstd::bstr(L"eap-metadata:lang"), &bstrLang) != ERROR_SUCCESS ||
if (FAILED(get_element_value(pXmlElLocalizedText, winstd::bstr(L"eap-metadata:lang"), &bstrLang)) ||
CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrLang, bstrLang.length(), L"C" , -1, NULL, NULL, 0) == CSTR_EQUAL)
{
// <lang> is missing or "C" language found.
winstd::bstr bstr;
if ((dwResult = get_element_value(pXmlElLocalizedText, winstd::bstr(L"eap-metadata:text"), &bstr)) == ERROR_SUCCESS)
if (SUCCEEDED(hr = get_element_value(pXmlElLocalizedText, winstd::bstr(L"eap-metadata:text"), &bstr)))
bstrDefault.attach(bstr.detach());
} else if (CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrLang, bstrLang.length(), pszLang, -1, NULL, NULL, 0) == CSTR_EQUAL) {
// Found an exact match.
@ -305,7 +301,7 @@ namespace eapxml
} else if (CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrLang, bstrLang.length(), L"en", -1, NULL, NULL, 0) == CSTR_EQUAL) {
// "en" language found.
winstd::bstr bstr;
if ((dwResult = get_element_value(pXmlElLocalizedText, winstd::bstr(L"eap-metadata:text"), &bstr)) == ERROR_SUCCESS)
if (SUCCEEDED(hr = get_element_value(pXmlElLocalizedText, winstd::bstr(L"eap-metadata:text"), &bstr)))
bstrEn.attach(bstr.detach());
}
}
@ -314,17 +310,17 @@ namespace eapxml
template<class _Traits, class _Ax>
inline DWORD get_element_localized(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _In_z_ LPCWSTR pszLang, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &sValue)
inline HRESULT get_element_localized(_In_ IXMLDOMNode *pXmlParent, _In_z_ const BSTR bstrElementName, _In_z_ LPCWSTR pszLang, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &sValue)
{
winstd::bstr bstr;
DWORD dwResult = get_element_localized(pXmlParent, bstrElementName, pszLang, &bstr);
if (dwResult == ERROR_SUCCESS)
HRESULT hr = get_element_localized(pXmlParent, bstrElementName, pszLang, &bstr);
if (SUCCEEDED(hr))
sValue.assign(bstr, bstr.length());
return dwResult;
return hr;
}
inline DWORD put_element(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement)
inline HRESULT put_element(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _Out_ IXMLDOMElement **ppXmlElement)
{
assert(pDoc);
assert(pCurrentDOMNode);
@ -337,11 +333,11 @@ namespace eapxml
return
SUCCEEDED(hr = pDoc->createNode(varNodeTypeEl, bstrElementName, bstrNamespace, &pXmlEl)) &&
SUCCEEDED(hr = pCurrentDOMNode->appendChild(pXmlEl, NULL)) &&
SUCCEEDED(hr = pXmlEl.query_interface(ppXmlElement)) ? ERROR_SUCCESS : HRESULT_CODE(hr);
SUCCEEDED(hr = pXmlEl.query_interface(ppXmlElement)) ? S_OK : hr;
}
inline DWORD put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_z_ const BSTR bstrValue)
inline HRESULT put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_z_ const BSTR bstrValue)
{
assert(pDoc);
@ -354,23 +350,23 @@ namespace eapxml
SUCCEEDED(hr = pDoc->createNode(varNodeTypeEl, bstrElementName, bstrNamespace, &pXmlEl)) &&
SUCCEEDED(hr = pDoc->createTextNode(bstrValue, &pXmlElText)) &&
SUCCEEDED(hr = pXmlEl->appendChild(pXmlElText, NULL)) &&
SUCCEEDED(hr = pCurrentDOMNode->appendChild(pXmlEl, NULL)) ? ERROR_SUCCESS : HRESULT_CODE(hr);
SUCCEEDED(hr = pCurrentDOMNode->appendChild(pXmlEl, NULL)) ? S_OK : hr;
}
inline DWORD put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ DWORD dwValue)
inline HRESULT put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ DWORD dwValue)
{
return put_element_value(pDoc, pCurrentDOMNode, bstrElementName, bstrNamespace, winstd::bstr(winstd::wstring_printf(L"%d", dwValue)));
}
inline DWORD put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ bool bValue)
inline HRESULT put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ bool bValue)
{
return put_element_value(pDoc, pCurrentDOMNode, bstrElementName, bstrNamespace, winstd::bstr(bValue ? L"true": L"false"));
}
inline DWORD put_element_base64(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_count_(nValueLen) LPCVOID pValue, _In_ SIZE_T nValueLen)
inline HRESULT put_element_base64(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_count_(nValueLen) LPCVOID pValue, _In_ SIZE_T nValueLen)
{
std::wstring sBase64;
winstd::base64_enc enc;
@ -379,7 +375,7 @@ namespace eapxml
}
inline DWORD put_element_hex(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_count_(nValueLen) LPCVOID pValue, _In_ SIZE_T nValueLen)
inline HRESULT put_element_hex(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_count_(nValueLen) LPCVOID pValue, _In_ SIZE_T nValueLen)
{
std::wstring sHex;
winstd::hex_enc enc;

20
lib/EAPBase/include/Module.h
View File

@ -322,20 +322,20 @@ namespace eap
std::unique_ptr<unsigned char[], winstd::LocalFree_delete<unsigned char[]> > keyinfo_data;
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, (const BYTE*)::LockResource(res_handle), ::SizeofResource(m_instance, res), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."));
throw win_runtime_error(__FUNCTION__ " CryptDecodeObjectEx failed.");
if (!key_rsa.import(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Private key import failed."));
throw win_runtime_error(__FUNCTION__ " Private key import failed.");
// Import the 256-bit AES session key.
winstd::crypt_key key_aes;
if (!CryptImportKey(hProv, (LPCBYTE)data, 268, key_rsa, 0, &key_aes))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptImportKey failed."));
throw win_runtime_error(__FUNCTION__ " CryptImportKey failed.");
// Decrypt the data using AES session key.
std::vector<unsigned char, winstd::sanitizing_allocator<unsigned char> > buf;
buf.assign((const unsigned char*)data + 268, (const unsigned char*)data + size);
if (!CryptDecrypt(key_aes, hHash, TRUE, 0, buf))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptDecrypt failed."));
throw win_runtime_error(__FUNCTION__ " CryptDecrypt failed.");
return std::vector<_Ty, _Ax>(buf);
}
@ -394,7 +394,7 @@ namespace eap
// Create hash.
winstd::crypt_hash hash;
if (!hash.create(hProv, CALG_MD5))
throw win_runtime_error(_T(__FUNCTION__) _T(" Creating MD5 hash failed."));
throw win_runtime_error(__FUNCTION__ " Creating MD5 hash failed.");
DWORD dwHashSize;
CryptGetHashParam(hash, HP_HASHSIZE, dwHashSize, 0);
if (size < dwHashSize)
@ -407,7 +407,7 @@ namespace eap
// Calculate MD5 hash and verify it.
std::vector<unsigned char> hash_bin;
if (!CryptGetHashParam(hash, HP_HASHVAL, hash_bin, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Calculating MD5 hash failed."));
throw win_runtime_error(__FUNCTION__ " Calculating MD5 hash failed.");
if (memcmp((unsigned char*)data + enc_size, hash_bin.data(), dwHashSize) != 0)
throw invalid_argument(__FUNCTION__ " Invalid encrypted data.");
@ -477,7 +477,7 @@ namespace eap
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptAcquireContext failed."));
throw win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
// Decrypt data.
std::vector<unsigned char, winstd::sanitizing_allocator<unsigned char> > data(std::move(decrypt_md5<unsigned char, winstd::sanitizing_allocator<unsigned char> >(cp, pDataIn, dwDataInSize)));
@ -520,7 +520,7 @@ namespace eap
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptAcquireContext failed."));
throw win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
// Encrypt BLOB.
std::vector<unsigned char> data_enc(std::move(encrypt_md5(cp, data.data(), data.size())));
@ -528,15 +528,11 @@ namespace eap
// Copy encrypted BLOB to output.
*pdwDataOutSize = (DWORD)data_enc.size();
*ppDataOut = alloc_memory(*pdwDataOutSize);
if (!*ppDataOut)
throw win_runtime_error(ERROR_OUTOFMEMORY, winstd::wstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str());
memcpy(*ppDataOut, data_enc.data(), *pdwDataOutSize);
#else
// Allocate BLOB.
*pdwDataOutSize = (DWORD)pksizeof(record);
*ppDataOut = alloc_memory(*pdwDataOutSize);
if (!*ppDataOut)
throw win_runtime_error(ERROR_OUTOFMEMORY, winstd::wstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str());
// Pack to BLOB.
cursor_out cursor = { *ppDataOut, *ppDataOut + *pdwDataOutSize };

98
lib/EAPBase/src/Config.cpp
View File

@ -194,16 +194,16 @@ void eap::config_method_with_cred::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOM
assert(pConfigRoot);
const winstd::bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
// <ClientSideCredential>
winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), winstd::bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ClientSideCredential> element."));
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), winstd::bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ClientSideCredential> element.");
// <ClientSideCredential>/<allow-save>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"allow-save"), bstrNamespace, m_allow_save)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <allow-save> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"allow-save"), bstrNamespace, m_allow_save)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <allow-save> element.");
if (m_use_preshared)
m_preshared->save(pDoc, pXmlElClientSideCredential);
@ -220,7 +220,7 @@ void eap::config_method_with_cred::load(_In_ IXMLDOMNode *pConfigRoot)
// <ClientSideCredential>
winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if (eapxml::select_element(pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), &pXmlElClientSideCredential) == ERROR_SUCCESS) {
if (SUCCEEDED(eapxml::select_element(pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), &pXmlElClientSideCredential))) {
std::wstring xpath(eapxml::get_xpath(pXmlElClientSideCredential));
// <allow-save>
@ -363,79 +363,78 @@ void eap::config_provider::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pC
config::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
// <read-only>
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"read-only"), bstrNamespace, m_read_only)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <read-only> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"read-only"), bstrNamespace, m_read_only)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <read-only> element.");
// <ID>
if (!m_id.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"ID"), bstrNamespace, bstr(m_id))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ID> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"ID"), bstrNamespace, bstr(m_id))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ID> element.");
// <ProviderInfo>
com_obj<IXMLDOMElement> pXmlElProviderInfo;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ProviderInfo"), bstr(L"ProviderInfo"), bstrNamespace, &pXmlElProviderInfo)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ProviderInfo> element."));
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ProviderInfo"), bstr(L"ProviderInfo"), bstrNamespace, &pXmlElProviderInfo)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ProviderInfo> element.");
// <ProviderInfo>/<DisplayName>
if (!m_name.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"DisplayName"), bstrNamespace, bstr(m_name))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <DisplayName> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"DisplayName"), bstrNamespace, bstr(m_name))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <DisplayName> element.");
// <ProviderInfo>/<Helpdesk>
com_obj<IXMLDOMElement> pXmlElHelpdesk;
if ((dwResult = eapxml::create_element(pDoc, pXmlElProviderInfo, bstr(L"eap-metadata:Helpdesk"), bstr(L"Helpdesk"), bstrNamespace, &pXmlElHelpdesk)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <Helpdesk> element."));
if (FAILED(hr = eapxml::create_element(pDoc, pXmlElProviderInfo, bstr(L"eap-metadata:Helpdesk"), bstr(L"Helpdesk"), bstrNamespace, &pXmlElHelpdesk)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <Helpdesk> element.");
// <ProviderInfo>/<Helpdesk>/<EmailAddress>
if (!m_help_email.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"EmailAddress"), bstrNamespace, bstr(m_help_email))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <EmailAddress> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"EmailAddress"), bstrNamespace, bstr(m_help_email))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <EmailAddress> element.");
// <ProviderInfo>/<Helpdesk>/<WebAddress>
if (!m_help_web.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"WebAddress"), bstrNamespace, bstr(m_help_web))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <WebAddress> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"WebAddress"), bstrNamespace, bstr(m_help_web))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <WebAddress> element.");
// <ProviderInfo>/<Helpdesk>/<Phone>
if (!m_help_phone.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"Phone"), bstrNamespace, bstr(m_help_phone))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <Phone> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"Phone"), bstrNamespace, bstr(m_help_phone))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <Phone> element.");
// <ProviderInfo>/<CredentialPrompt>
if (!m_lbl_alt_credential.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"CredentialPrompt"), bstrNamespace, bstr(m_lbl_alt_credential))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <CredentialPrompt> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"CredentialPrompt"), bstrNamespace, bstr(m_lbl_alt_credential))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <CredentialPrompt> element.");
// <ProviderInfo>/<UserNameLabel>
if (!m_lbl_alt_identity.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"UserNameLabel"), bstrNamespace, bstr(m_lbl_alt_identity))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <UserNameLabel> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"UserNameLabel"), bstrNamespace, bstr(m_lbl_alt_identity))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <UserNameLabel> element.");
// <ProviderInfo>/<PasswordLabel>
if (!m_lbl_alt_password.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"PasswordLabel"), bstrNamespace, bstr(m_lbl_alt_password))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <PasswordLabel> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"PasswordLabel"), bstrNamespace, bstr(m_lbl_alt_password))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <PasswordLabel> element.");
// <AuthenticationMethods>
com_obj<IXMLDOMElement> pXmlElAuthenticationMethods;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:AuthenticationMethods"), bstr(L"AuthenticationMethods"), bstrNamespace, &pXmlElAuthenticationMethods)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <AuthenticationMethods> element."));
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:AuthenticationMethods"), bstr(L"AuthenticationMethods"), bstrNamespace, &pXmlElAuthenticationMethods)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <AuthenticationMethods> element.");
for (list<unique_ptr<config_method> >::const_iterator method = m_methods.cbegin(), method_end = m_methods.cend(); method != method_end; ++method) {
// <AuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, bstr(L"AuthenticationMethod"), bstrNamespace, &pXmlElAuthenticationMethod)))
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <AuthenticationMethod> element."));
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"AuthenticationMethod"), bstrNamespace, &pXmlElAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <AuthenticationMethod> element.");
// <AuthenticationMethod>/...
method->get()->save(pDoc, pXmlElAuthenticationMethod);
if (FAILED(hr = pXmlElAuthenticationMethods->appendChild(pXmlElAuthenticationMethod, NULL)))
throw win_runtime_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <AuthenticationMethod> element."));
throw com_runtime_error(hr, __FUNCTION__ " Error appending <AuthenticationMethod> element.");
}
}
@ -443,13 +442,13 @@ void eap::config_provider::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pC
void eap::config_provider::load(_In_ IXMLDOMNode *pConfigRoot)
{
assert(pConfigRoot);
DWORD dwResult;
HRESULT hr;
wstring xpath(eapxml::get_xpath(pConfigRoot));
config::load(pConfigRoot);
// <read-only>
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:read-only"), &m_read_only)) != ERROR_SUCCESS)
if (FAILED(hr = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:read-only"), &m_read_only)))
m_read_only = true;
m_module.log_config((xpath + L"/read-only").c_str(), m_read_only);
@ -467,7 +466,7 @@ void eap::config_provider::load(_In_ IXMLDOMNode *pConfigRoot)
m_lbl_alt_identity.clear();
m_lbl_alt_password.clear();
com_obj<IXMLDOMElement> pXmlElProviderInfo;
if (eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ProviderInfo"), &pXmlElProviderInfo) == ERROR_SUCCESS) {
if (SUCCEEDED(eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ProviderInfo"), &pXmlElProviderInfo))) {
wstring lang;
LoadString(m_module.m_instance, 2, lang);
wstring xpathProviderInfo(xpath + L"/ProviderInfo");
@ -477,7 +476,7 @@ void eap::config_provider::load(_In_ IXMLDOMNode *pConfigRoot)
m_module.log_config((xpathProviderInfo + L"/DisplayName").c_str(), m_name.c_str());
com_obj<IXMLDOMElement> pXmlElHelpdesk;
if (eapxml::select_element(pXmlElProviderInfo, bstr(L"eap-metadata:Helpdesk"), &pXmlElHelpdesk) == ERROR_SUCCESS) {
if (SUCCEEDED(eapxml::select_element(pXmlElProviderInfo, bstr(L"eap-metadata:Helpdesk"), &pXmlElHelpdesk))) {
wstring xpathHelpdesk(xpathProviderInfo + L"/Helpdesk");
// <Helpdesk>/<EmailAddress>
@ -509,8 +508,8 @@ void eap::config_provider::load(_In_ IXMLDOMNode *pConfigRoot)
// Iterate authentication methods (<AuthenticationMethods>).
m_methods.clear();
com_obj<IXMLDOMNodeList> pXmlListMethods;
if ((dwResult = eapxml::select_nodes(pConfigRoot, bstr(L"eap-metadata:AuthenticationMethods/eap-metadata:AuthenticationMethod"), &pXmlListMethods)) != ERROR_SUCCESS)
throw invalid_argument(__FUNCTION__ " Error selecting <AuthenticationMethods>/<AuthenticationMethod> elements.");
if (FAILED(hr = eapxml::select_nodes(pConfigRoot, bstr(L"eap-metadata:AuthenticationMethods/eap-metadata:AuthenticationMethod"), &pXmlListMethods)))
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <AuthenticationMethods>/<AuthenticationMethod> elements.");
long lCount = 0;
pXmlListMethods->get_length(&lCount);
for (long i = 0; i < lCount; i++) {
@ -521,7 +520,7 @@ void eap::config_provider::load(_In_ IXMLDOMNode *pConfigRoot)
// Check EAP method type (<EAPMethod>).
DWORD dwMethodID;
if (eapxml::get_element_value(pXmlElMethod, bstr(L"eap-metadata:EAPMethod"), &dwMethodID) == ERROR_SUCCESS) {
if (SUCCEEDED(eapxml::get_element_value(pXmlElMethod, bstr(L"eap-metadata:EAPMethod"), &dwMethodID))) {
if ((eap_type_t)dwMethodID != cfg->get_method_id()) {
// Wrong type.
continue;
@ -655,25 +654,24 @@ void eap::config_provider_list::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNod
config::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
// Select <EAPIdentityProviderList> node.
com_obj<IXMLDOMNode> pXmlElIdentityProviderList;
if ((dwResult = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:EAPIdentityProviderList"), &pXmlElIdentityProviderList)) != ERROR_SUCCESS)
throw invalid_argument(__FUNCTION__ " Error selecting <EAPIdentityProviderList> element.");
if (FAILED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:EAPIdentityProviderList"), &pXmlElIdentityProviderList)))
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <EAPIdentityProviderList> element.");
for (list<config_provider>::const_iterator provider = m_providers.cbegin(), provider_end = m_providers.cend(); provider != provider_end; ++provider) {
// <EAPIdentityProvider>
com_obj<IXMLDOMElement> pXmlElIdentityProvider;
if ((dwResult = eapxml::create_element(pDoc, bstr(L"EAPIdentityProvider"), bstrNamespace, &pXmlElIdentityProvider)))
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <EAPIdentityProvider> element."));
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"EAPIdentityProvider"), bstrNamespace, &pXmlElIdentityProvider)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <EAPIdentityProvider> element.");
// <EAPIdentityProvider>/...
provider->save(pDoc, pXmlElIdentityProvider);
if (FAILED(hr = pXmlElIdentityProviderList->appendChild(pXmlElIdentityProvider, NULL)))
throw win_runtime_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <EAPIdentityProvider> element."));
throw com_runtime_error(hr, __FUNCTION__ " Error appending <EAPIdentityProvider> element.");
}
}
@ -681,14 +679,14 @@ void eap::config_provider_list::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNod
void eap::config_provider_list::load(_In_ IXMLDOMNode *pConfigRoot)
{
assert(pConfigRoot);
DWORD dwResult;
HRESULT hr;
config::load(pConfigRoot);
// Iterate authentication providers (<EAPIdentityProvider>).
com_obj<IXMLDOMNodeList> pXmlListProviders;
if ((dwResult = eapxml::select_nodes(pConfigRoot, bstr(L"eap-metadata:EAPIdentityProviderList/eap-metadata:EAPIdentityProvider"), &pXmlListProviders)) != ERROR_SUCCESS)
throw invalid_argument(__FUNCTION__ " Error selecting <EAPIdentityProviderList><EAPIdentityProvider> elements.");
if (FAILED(hr = eapxml::select_nodes(pConfigRoot, bstr(L"eap-metadata:EAPIdentityProviderList/eap-metadata:EAPIdentityProvider"), &pXmlListProviders)))
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <EAPIdentityProviderList><EAPIdentityProvider> elements.");
long lCount = 0;
pXmlListProviders->get_length(&lCount);
for (long i = 0; i < lCount; i++) {

30
lib/EAPBase/src/Credentials.cpp
View File

@ -154,38 +154,38 @@ void eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
credentials::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
// <UserName>
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"UserName"), bstrNamespace, bstr(m_identity))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <UserName> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"UserName"), bstrNamespace, bstr(m_identity))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <UserName> element.");
// <Password>
bstr pass(m_password);
dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"Password"), bstrNamespace, pass);
hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"Password"), bstrNamespace, pass);
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
if (dwResult != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <Password> element."));
if (FAILED(hr))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <Password> element.");
}
void eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot)
{
assert(pConfigRoot);
DWORD dwResult;
HRESULT hr;
credentials::load(pConfigRoot);
std::wstring xpath(eapxml::get_xpath(pConfigRoot));
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:UserName"), m_identity)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error reading <UserName> element."));
if (FAILED(hr = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:UserName"), m_identity)))
throw com_runtime_error(hr, __FUNCTION__ " Error reading <UserName> element.");
m_module.log_config((xpath + L"/UserName").c_str(), m_identity.c_str());
bstr pass;
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:Password"), &pass)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error reading <Password> element."));
if (FAILED(hr = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:Password"), &pass)))
throw com_runtime_error(hr, __FUNCTION__ " Error reading <Password> element.");
m_password = pass;
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
@ -237,7 +237,7 @@ void eap::credentials_pass::store(_In_ LPCTSTR pszTargetName) const
DATA_BLOB entropy_blob = { sizeof(s_entropy), (LPBYTE)s_entropy };
data_blob cred_enc;
if (!CryptProtectData(&cred_blob, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, &cred_enc))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptProtectData failed."));
throw win_runtime_error(__FUNCTION__ " CryptProtectData failed.");
tstring target(target_name(pszTargetName));
@ -259,7 +259,7 @@ void eap::credentials_pass::store(_In_ LPCTSTR pszTargetName) const
(LPTSTR)m_identity.c_str() // UserName
};
if (!CredWrite(&cred, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" CredWrite failed."));
throw win_runtime_error(__FUNCTION__ " CredWrite failed.");
}
@ -270,14 +270,14 @@ void eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName)
// Read credentials.
unique_ptr<CREDENTIAL, CredFree_delete<CREDENTIAL> > cred;
if (!CredRead(target_name(pszTargetName).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred))
throw win_runtime_error(_T(__FUNCTION__) _T(" CredRead failed."));
throw win_runtime_error(__FUNCTION__ " CredRead failed.");
// Decrypt the password using user's key.
DATA_BLOB cred_enc = { cred->CredentialBlobSize, cred->CredentialBlob };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_int;
if (!CryptUnprotectData(&cred_enc, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN | CRYPTPROTECT_VERIFY_PROTECTION, &cred_int))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptUnprotectData failed."));
throw win_runtime_error(__FUNCTION__ " CryptUnprotectData failed.");
// Convert password from UTF-8.
MultiByteToWideChar(CP_UTF8, 0, (LPCSTR)cred_int.pbData, (int)cred_int.cbData, m_password);

80
lib/EAPBase/src/EAP.cpp
View File

@ -1,80 +0,0 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
using namespace std;
using namespace winstd;
//////////////////////////////////////////////////////////////////////
// eap::win_runtime_error
//////////////////////////////////////////////////////////////////////
eap::win_runtime_error::win_runtime_error(_In_ DWORD error, _In_ const tstring& msg) :
m_error(error),
m_msg(msg),
runtime_error("")
{
}
eap::win_runtime_error::win_runtime_error(_In_ DWORD error, _In_z_ const TCHAR *msg) :
m_error(error),
m_msg(msg),
runtime_error("")
{
}
eap::win_runtime_error::win_runtime_error(_In_ const tstring& msg) :
m_error(GetLastError()),
m_msg(msg),
runtime_error("")
{
}
eap::win_runtime_error::win_runtime_error(_In_z_ const TCHAR *msg) :
m_error(GetLastError()),
m_msg(msg),
runtime_error("")
{
}
eap::win_runtime_error::win_runtime_error(const win_runtime_error &other) :
m_error(other.m_error),
m_msg(other.m_msg),
runtime_error(other.what())
{
}
eap::win_runtime_error& eap::win_runtime_error::operator=(const win_runtime_error &other)
{
if (this != addressof(other)) {
*(runtime_error*)this = other;
m_error = other.m_error;
m_msg = other.m_msg;
}
return *this;
}

59
lib/EAPBase/src/Module.cpp
View File

@ -87,26 +87,41 @@ EAP_ERROR* eap::module::make_error(_In_ DWORD dwErrorCode, _In_opt_z_ LPCWSTR ps
EAP_ERROR* eap::module::make_error(_In_ std::exception &err) const
{
win_runtime_error &err_rt(dynamic_cast<win_runtime_error&>(err));
if (&err_rt)
return make_error(err_rt.m_error, err_rt.m_msg.c_str());
wstring what;
MultiByteToWideChar(CP_ACP, 0, err.what(), -1, what);
invalid_argument &err_ia(dynamic_cast<invalid_argument&>(err));
if (&err_ia) {
wstring str;
MultiByteToWideChar(CP_ACP, 0, err_ia.what(), -1, str);
return make_error(ERROR_INVALID_PARAMETER, str.c_str());
{
win_runtime_error &e(dynamic_cast<win_runtime_error&>(err));
if (&e)
return make_error(e.number(), what.c_str());
}
wstring str;
MultiByteToWideChar(CP_ACP, 0, err.what(), -1, str);
return make_error(ERROR_INVALID_DATA, str.c_str());
{
com_runtime_error &e(dynamic_cast<com_runtime_error&>(err));
if (&e)
return make_error(HRESULT_CODE(e.number()), what.c_str());
}
{
invalid_argument &e(dynamic_cast<invalid_argument&>(err));
if (&e)
return make_error(ERROR_INVALID_PARAMETER, what.c_str());
}
wstring name;
MultiByteToWideChar(CP_ACP, 0, typeid(err).name(), -1, name);
name += L": ";
name += what;
return make_error(ERROR_INVALID_DATA, name.c_str());
}
BYTE* eap::module::alloc_memory(_In_ size_t size)
{
return (BYTE*)HeapAlloc(m_heap, 0, size);
BYTE *p = (BYTE*)HeapAlloc(m_heap, 0, size);
if (!p)
throw win_runtime_error(winstd::string_printf(__FUNCTION__ " Error allocating memory for BLOB (%uB).", size));
return p;
}
@ -158,7 +173,7 @@ std::vector<unsigned char> eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytec
// Generate 256-bit AES session key.
crypt_key key_aes;
if (!CryptGenKey(hProv, CALG_AES_256, MAKELONG(CRYPT_EXPORTABLE, 256), &key_aes))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptGenKey failed."));
throw win_runtime_error(__FUNCTION__ " CryptGenKey failed.");
// Import the public RSA key.
HRSRC res = FindResource(m_instance, MAKEINTRESOURCE(IDR_EAP_KEY_PUBLIC), RT_RCDATA);
@ -169,14 +184,14 @@ std::vector<unsigned char> eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytec
unique_ptr<CERT_PUBLIC_KEY_INFO, LocalFree_delete<CERT_PUBLIC_KEY_INFO> > keyinfo_data;
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, (const BYTE*)::LockResource(res_handle), ::SizeofResource(m_instance, res), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."));
throw win_runtime_error(__FUNCTION__ " CryptDecodeObjectEx failed.");
if (!key_rsa.import_public(hProv, X509_ASN_ENCODING, keyinfo_data.get()))
throw win_runtime_error(_T(__FUNCTION__) _T(" Public key import failed."));
throw win_runtime_error(__FUNCTION__ " Public key import failed.");
// Export AES session key encrypted with public RSA key.
vector<unsigned char, sanitizing_allocator<unsigned char> > buf;
if (!CryptExportKey(key_aes, key_rsa, SIMPLEBLOB, 0, buf))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptExportKey failed."));
throw win_runtime_error(__FUNCTION__ " CryptExportKey failed.");
std::vector<unsigned char> enc(buf.begin(), buf.end());
// Pre-allocate memory to allow space, as encryption will grow the data.
@ -187,7 +202,7 @@ std::vector<unsigned char> eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytec
// Encrypt the data using AES key.
if (!CryptEncrypt(key_aes, hHash, TRUE, 0, buf))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptEncrypt failed."));
throw win_runtime_error(__FUNCTION__ " CryptEncrypt failed.");
// Append encrypted data.
enc.insert(enc.cend(), buf.begin(), buf.end());
@ -200,7 +215,7 @@ std::vector<unsigned char> eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_b
// Create hash.
crypt_hash hash;
if (!hash.create(hProv, CALG_MD5))
throw win_runtime_error(_T(__FUNCTION__) _T(" Creating MD5 hash failed."));
throw win_runtime_error(__FUNCTION__ " Creating MD5 hash failed.");
// Encrypt data.
std::vector<unsigned char> enc(std::move(encrypt(hProv, data, size, hash)));
@ -238,7 +253,7 @@ void eap::peer::query_credential_input_fields(
UNREFERENCED_PARAMETER(pConnectionData);
UNREFERENCED_PARAMETER(pEapConfigInputFieldsArray);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
@ -259,7 +274,7 @@ void eap::peer::query_user_blob_from_credential_input_fields(
UNREFERENCED_PARAMETER(pdwUsersBlobSize);
UNREFERENCED_PARAMETER(ppUserBlob);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
@ -276,7 +291,7 @@ void eap::peer::query_interactive_ui_input_fields(
UNREFERENCED_PARAMETER(pUIContextData);
UNREFERENCED_PARAMETER(pEapInteractiveUIData);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
@ -297,5 +312,5 @@ void eap::peer::query_ui_blob_from_interactive_ui_input_fields(
UNREFERENCED_PARAMETER(pdwDataFromInteractiveUISize);
UNREFERENCED_PARAMETER(ppDataFromInteractiveUI);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}

8
lib/EAPBase_UI/include/EAP_UI.h
View File

@ -431,8 +431,8 @@ protected:
// Read credentials from Credential Manager
try {
m_cred.retrieve(m_target.c_str());
} catch (eap::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error reading credentials from Credential Manager: %ls (error %u)"), err.m_msg.c_str(), err.m_error).c_str());
} catch (winstd::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error reading credentials from Credential Manager: %hs (error %u)"), err.what(), err.number()).c_str());
} catch (...) {
wxLogError(_("Reading credentials failed."));
}
@ -451,8 +451,8 @@ protected:
// Write credentials to credential manager.
try {
m_cred.store(m_target.c_str());
} catch (eap::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error writing credentials to Credential Manager: %ls (error %u)"), err.m_msg.c_str(), err.m_error).c_str());
} catch (winstd::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error writing credentials to Credential Manager: %hs (error %u)"), err.what(), err.number()).c_str());
} catch (...) {
wxLogError(_("Writing credentials failed."));
}

4
lib/EAPBase_UI/src/EAP_UI.cpp
View File

@ -87,13 +87,13 @@ wxEAPProviderLockedPanel::wxEAPProviderLockedPanel(const eap::config_provider &p
m_provider_locked_label->SetLabel(wxString::Format(_("%s has pre-set parts of this configuration. Those parts are locked to prevent accidental modification."),
!m_prov.m_name.empty() ? m_prov.m_name.c_str() :
!m_prov.m_id .empty() ? winstd::string_printf(_("Your %ls provider"), m_prov.m_id.c_str()).c_str() : _("Your provider")));
!m_prov.m_id .empty() ? winstd::tstring_printf(_("Your %ls provider"), m_prov.m_id.c_str()).c_str() : _("Your provider")));
m_provider_locked_label->Wrap(452);
if (!m_prov.m_help_email.empty() || !m_prov.m_help_web.empty() || !m_prov.m_help_phone.empty()) {
wxStaticText *provider_notice = new wxStaticText(this, wxID_ANY, wxString::Format(_("For additional help and instructions, please contact %s at:"),
!m_prov.m_name.empty() ? m_prov.m_name.c_str() :
!m_prov.m_id .empty() ? winstd::string_printf(_("your %ls provider"), m_prov.m_id.c_str()).c_str() : _("your provider")), wxDefaultPosition, wxDefaultSize, 0);
!m_prov.m_id .empty() ? winstd::tstring_printf(_("your %ls provider"), m_prov.m_id.c_str()).c_str() : _("your provider")), wxDefaultPosition, wxDefaultSize, 0);
provider_notice->Wrap(452);
m_provider_locked_vert->Add(provider_notice, 0, wxUP|wxLEFT|wxRIGHT|wxEXPAND, 5);

33
lib/TLS/src/Config.cpp
View File

@ -126,39 +126,38 @@ void eap::config_method_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *
config_method_with_cred::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
// <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ServerSideCredential> element."));
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerSideCredential> element.");
for (list<cert_context>::const_iterator i = m_trusted_root_ca.begin(), i_end = m_trusted_root_ca.end(); i != i_end; ++i) {
// <CA>
com_obj<IXMLDOMElement> pXmlElCA;
if ((dwResult = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA)))
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <CA> element."));
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <CA> element.");
// <CA>/<format>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM"))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <format> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM"))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <format> element.");
// <CA>/<cert-data>
const cert_context &cc = *i;
if ((dwResult = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <cert-data> element."));
if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <cert-data> element.");
if (FAILED(hr = pXmlElServerSideCredential->appendChild(pXmlElCA, NULL)))
throw win_runtime_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <CA> element."));
throw com_runtime_error(hr, __FUNCTION__ " Error appending <CA> element.");
}
// <ServerName>
for (list<string>::const_iterator i = m_server_names.begin(), i_end = m_server_names.end(); i != i_end; ++i) {
wstring str;
MultiByteToWideChar(CP_UTF8, 0, i->c_str(), (int)i->length(), str);
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(str))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ServerName> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(str))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerName> element.");
}
}
@ -176,19 +175,19 @@ void eap::config_method_tls::load(_In_ IXMLDOMNode *pConfigRoot)
// <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential;
if (eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), &pXmlElServerSideCredential) == ERROR_SUCCESS) {
if (SUCCEEDED(eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), &pXmlElServerSideCredential))) {
std::wstring xpathServerSideCredential(xpath + L"/ServerSideCredential");
// <CA>
com_obj<IXMLDOMNodeList> pXmlListCAs;
long lCACount = 0;
if (eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:CA"), &pXmlListCAs) == ERROR_SUCCESS && SUCCEEDED(pXmlListCAs->get_length(&lCACount))) {
if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:CA"), &pXmlListCAs)) && SUCCEEDED(pXmlListCAs->get_length(&lCACount))) {
for (long j = 0; j < lCACount; j++) {
// Load CA certificate.
com_obj<IXMLDOMNode> pXmlElCA;
pXmlListCAs->get_item(j, &pXmlElCA);
bstr bstrFormat;
if (eapxml::get_element_value(pXmlElCA, bstr(L"eap-metadata:format"), &bstrFormat) != ERROR_SUCCESS) {
if (FAILED(eapxml::get_element_value(pXmlElCA, bstr(L"eap-metadata:format"), &bstrFormat))) {
// <format> not specified.
continue;
}
@ -199,7 +198,7 @@ void eap::config_method_tls::load(_In_ IXMLDOMNode *pConfigRoot)
}
vector<unsigned char> aData;
if (eapxml::get_element_base64(pXmlElCA, bstr(L"eap-metadata:cert-data"), aData) != ERROR_SUCCESS) {
if (FAILED(eapxml::get_element_base64(pXmlElCA, bstr(L"eap-metadata:cert-data"), aData))) {
// Error reading <cert-data> element.
continue;
}
@ -217,7 +216,7 @@ void eap::config_method_tls::load(_In_ IXMLDOMNode *pConfigRoot)
// <ServerName>
com_obj<IXMLDOMNodeList> pXmlListServerIDs;
long lServerIDCount = 0;
if (eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:ServerName"), &pXmlListServerIDs) == ERROR_SUCCESS && SUCCEEDED(pXmlListServerIDs->get_length(&lServerIDCount))) {
if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:ServerName"), &pXmlListServerIDs)) && SUCCEEDED(pXmlListServerIDs->get_length(&lServerIDCount))) {
for (long j = 0; j < lServerIDCount; j++) {
// Load server name (<ServerName>).
com_obj<IXMLDOMNode> pXmlElServerID;

35
lib/TLS/src/Credentials.cpp
View File

@ -96,33 +96,32 @@ void eap::credentials_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pC
credentials::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
// <ClientCertificate>
com_obj<IXMLDOMElement> pXmlElClientCertificate;
if ((dwResult = eapxml::create_element(pDoc, bstr(L"ClientCertificate"), bstrNamespace, &pXmlElClientCertificate)))
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ClientCertificate> element."));
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"ClientCertificate"), bstrNamespace, &pXmlElClientCertificate)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ClientCertificate> element.");
if (m_cert) {
// <ClientCertificate>/<format>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientCertificate, bstr(L"format"), bstrNamespace, bstr(L"PEM"))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <format> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientCertificate, bstr(L"format"), bstrNamespace, bstr(L"PEM"))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <format> element.");
// <ClientCertificate>/<cert-data>
if ((dwResult = eapxml::put_element_base64(pDoc, pXmlElClientCertificate, bstr(L"cert-data"), bstrNamespace, m_cert->pbCertEncoded, m_cert->cbCertEncoded)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <cert-data> element."));
if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElClientCertificate, bstr(L"cert-data"), bstrNamespace, m_cert->pbCertEncoded, m_cert->cbCertEncoded)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <cert-data> element.");
}
if (FAILED(hr = pConfigRoot->appendChild(pXmlElClientCertificate, NULL)))
throw win_runtime_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <ClientCertificate> element."));
throw com_runtime_error(hr, __FUNCTION__ " Error appending <ClientCertificate> element.");
}
void eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot)
{
assert(pConfigRoot);
DWORD dwResult;
HRESULT hr;
credentials::load(pConfigRoot);
@ -132,16 +131,16 @@ void eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot)
// <ClientCertificate>
com_obj<IXMLDOMElement> pXmlElClientCertificate;
if ((dwResult = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ClientCertificate"), &pXmlElClientCertificate)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error reading <ClientCertificate> element."));
if (FAILED(hr = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ClientCertificate"), &pXmlElClientCertificate)))
throw com_runtime_error(hr, __FUNCTION__ " Error reading <ClientCertificate> element.");
// <ClientCertificate>/<format>
bstr bstrFormat;
if ((dwResult = eapxml::get_element_value(pXmlElClientCertificate, bstr(L"eap-metadata:format"), &bstrFormat)) == ERROR_SUCCESS) {
if (SUCCEEDED(eapxml::get_element_value(pXmlElClientCertificate, bstr(L"eap-metadata:format"), &bstrFormat))) {
if (CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrFormat, bstrFormat.length(), L"PEM", -1, NULL, NULL, 0) == CSTR_EQUAL) {
// <ClientCertificate>/<cert-data>
vector<unsigned char> aData;
if ((dwResult = eapxml::get_element_base64(pXmlElClientCertificate, bstr(L"eap-metadata:cert-data"), aData)) == ERROR_SUCCESS)
if (SUCCEEDED(eapxml::get_element_base64(pXmlElClientCertificate, bstr(L"eap-metadata:cert-data"), aData)))
m_cert.create(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, aData.data(), (DWORD)aData.size());
}
}
@ -180,7 +179,7 @@ void eap::credentials_tls::store(_In_ LPCTSTR pszTargetName) const
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_enc;
if (!CryptProtectData(&cred_blob, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, &cred_enc))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptProtectData failed."));
throw win_runtime_error(__FUNCTION__ " CryptProtectData failed.");
tstring target(target_name(pszTargetName));
wstring name(std::move(get_name()));
@ -203,7 +202,7 @@ void eap::credentials_tls::store(_In_ LPCTSTR pszTargetName) const
(LPTSTR)name.c_str() // UserName
};
if (!CredWrite(&cred, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" CredWrite failed."));
throw win_runtime_error(__FUNCTION__ " CredWrite failed.");
}
@ -214,19 +213,19 @@ void eap::credentials_tls::retrieve(_In_ LPCTSTR pszTargetName)
// Read credentials.
unique_ptr<CREDENTIAL, CredFree_delete<CREDENTIAL> > cred;
if (!CredRead(target_name(pszTargetName).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred))
throw win_runtime_error(_T(__FUNCTION__) _T(" CredRead failed."));
throw win_runtime_error(__FUNCTION__ " CredRead failed.");
// Decrypt the certificate using user's key.
DATA_BLOB cred_enc = { cred->CredentialBlobSize, cred->CredentialBlob };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_int;
if (!CryptUnprotectData(&cred_enc, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN | CRYPTPROTECT_VERIFY_PROTECTION, &cred_int))
throw win_runtime_error(_T(__FUNCTION__) _T(" CryptUnprotectData failed."));
throw win_runtime_error(__FUNCTION__ " CryptUnprotectData failed.");
bool bResult = m_cert.create(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, cred_int.pbData, cred_int.cbData);
SecureZeroMemory(cred_int.pbData, cred_int.cbData);
if (!bResult)
throw win_runtime_error(_T(__FUNCTION__) _T(" Error loading certificate."));
throw win_runtime_error(__FUNCTION__ " Error loading certificate.");
m_module.log_config((wstring(pszTargetName) + L"/Certificate").c_str(), get_name().c_str());
}

78
lib/TLS/src/Method.cpp
View File

@ -230,7 +230,7 @@ void eap::method_tls::begin_session(
// Create cryptographics provider.
if (!m_cp.create(NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error creating cryptographics provider."));
throw win_runtime_error(__FUNCTION__ " Error creating cryptographics provider.");
// HMAC symmetric key generation sample. To be used later...
//crypt_hash hash_key;
@ -250,7 +250,7 @@ void eap::method_tls::process_request_packet(
// Is this a valid EAP-TLS packet?
if (dwReceivedPacketSize < 6)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Packet is too small. EAP-%s packets should be at least 6B."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Packet is too small. EAP-%s packets should be at least 6B.");
//else if (pReceivedPacket->Data[0] != eap_type_tls) // Skip method check, to allow TTLS extension.
// throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, wstring_printf(_T(__FUNCTION__) _T(" Packet is not EAP-TLS (expected: %u, received: %u)."), eap_type_tls, pReceivedPacket->Data[0]).c_str());
@ -315,7 +315,7 @@ void eap::method_tls::process_request_packet(
// Generate client randomness.
_time32(&m_random_client.time);
if (!CryptGenRandom(m_cp, sizeof(m_random_client.data), m_random_client.data))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error creating client randomness."));
throw win_runtime_error(__FUNCTION__ " Error creating client randomness.");
m_random_server.clear();
m_server_cert_chain.clear();
m_send_client_cert = false;
@ -323,11 +323,11 @@ void eap::method_tls::process_request_packet(
// Create MD5 hash object.
if (!m_hash_handshake_msgs_md5.create(m_cp, CALG_MD5, NULL, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error creating MD5 hashing object."));
throw win_runtime_error(__FUNCTION__ " Error creating MD5 hashing object.");
// Create SHA-1 hash object.
if (!m_hash_handshake_msgs_sha1.create(m_cp, CALG_SHA1, NULL, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error creating SHA-1 hashing object."));
throw win_runtime_error(__FUNCTION__ " Error creating SHA-1 hashing object.");
m_seq_num = 0;
}
@ -349,7 +349,7 @@ void eap::method_tls::process_request_packet(
pEapOutput->action = EapPeerMethodResponseActionSend;
return;
} else
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, wstring_printf(_T(__FUNCTION__) _T(" ACK expected, received %u-%u-%x."), m_packet_req.m_code, m_packet_req.m_id, m_packet_req.m_flags).c_str());
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, string_printf(__FUNCTION__ " ACK expected, received %u-%u-%x.", m_packet_req.m_code, m_packet_req.m_id, m_packet_req.m_flags));
}
switch (m_phase) {
@ -376,10 +376,10 @@ void eap::method_tls::process_request_packet(
case phase_server_hello: {
if (m_packet_req.m_data.size() < 5)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, wstring_printf(_T(__FUNCTION__) _T(" TLS message too small (expected >=5, received %uB)."), m_packet_req.m_data.size()).c_str());
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, string_printf(__FUNCTION__ " TLS message too small (expected >=5, received %uB).", m_packet_req.m_data.size()));
const message *msg = (const message*)m_packet_req.m_data.data();
if (msg->type != message_type_handshake)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, wstring_printf(_T(__FUNCTION__) _T(" Wrong TLS message (expected %u, received %uB)."), message_type_handshake, msg->type).c_str());
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, string_printf(__FUNCTION__ " Wrong TLS message (expected %u, received %uB).", message_type_handshake, msg->type));
process_handshake(msg->data, std::min<size_t>(ntohs(*(unsigned short*)msg->length), m_packet_req.m_data.size() - 5));
@ -387,7 +387,7 @@ void eap::method_tls::process_request_packet(
}
default:
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
// Request packet was processed. Clear its data since we use the absence of data to detect first of fragmented message packages.
@ -458,7 +458,7 @@ void eap::method_tls::get_result(
UNREFERENCED_PARAMETER(reason);
UNREFERENCED_PARAMETER(ppResult);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
@ -542,70 +542,70 @@ void eap::method_tls::process_handshake(_In_bytecount_(msg_size) const void *_ms
for (const unsigned char *msg = (const unsigned char*)_msg, *msg_end = msg + msg_size; msg < msg_end; ) {
// Parse record header.
if (msg + sizeof(unsigned int) > msg_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Incomplete record header."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Incomplete record header.");
unsigned int hdr = ntohl(*(unsigned int*)msg);
const unsigned char
*rec = msg + sizeof(unsigned int),
*rec_end = rec + (hdr & 0xffffff);
if (rec_end > msg_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Incomplete record rec."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Incomplete record rec.");
// Process record.
switch (hdr >> 24) {
case server_hello:
// TLS version
if (rec + 2 > rec_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Server SSL/TLS version missing or incomplete."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Server SSL/TLS version missing or incomplete.");
else if (rec[0] != 3 || rec[1] != 1)
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported SSL/TLS version."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Unsupported SSL/TLS version.");
rec += 2;
// Server random
if (rec + sizeof(m_random_server) > rec_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Server random missing or incomplete."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Server random missing or incomplete.");
memcpy(&m_random_server, rec, sizeof(m_random_server));
rec += sizeof(m_random_server);
// Session ID
if (rec + 1 > rec_end || rec + 1 + rec[0] > rec_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Session ID missing or incomplete."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Session ID missing or incomplete.");
assert(rec[0] <= 32); // According to RFC 5246 session IDs should not be longer than 32B.
m_session_id.assign(rec + 1, rec + 1 + rec[0]);
rec += rec[0] + 1;
// Cipher
if (rec + 2 > rec_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Cipher or incomplete."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Cipher or incomplete.");
if (rec[0] != 0x00 || rec[1] != 0x0a)
throw win_runtime_error(ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Other than requested cipher selected (expected 0x000a, received 0x%02x%02x)."), rec[0], rec[1]).c_str());
throw win_runtime_error(ERROR_NOT_SUPPORTED, string_printf(__FUNCTION__ " Other than requested cipher selected (expected 0x000a, received 0x%02x%02x).", rec[0], rec[1]));
break;
case certificate: {
// Certificate list size
if (rec + 3 > rec_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Certificate list size missing or incomplete."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Certificate list size missing or incomplete.");
const unsigned char
*list = rec + 3,
*list_end = list + ((rec[0] << 16) | (rec[1] << 8) | rec[2]);
if (list_end > rec_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Certificate list missing or incomplete."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Certificate list missing or incomplete.");
m_server_cert_chain.clear();
while (list < list_end) {
// Certificate size
if (list + 3 > list_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Certificate size missing or incomplete."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Certificate size missing or incomplete.");
const unsigned char
*cert = list + 3,
*cert_end = cert + ((list[0] << 16) | (list[1] << 8) | list[2]);
if (cert_end > list_end)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Certificate rec missing or incomplete."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Certificate rec missing or incomplete.");
// Certificate
cert_context c;
if (!c.create(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, cert, (DWORD)(cert_end - cert)))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error reading certificate."));
throw win_runtime_error(__FUNCTION__ " Error reading certificate.");
m_server_cert_chain.push_back(std::move(c));
list = cert_end;
@ -620,13 +620,13 @@ void eap::method_tls::process_handshake(_In_bytecount_(msg_size) const void *_ms
case finished:
if (rec_end - rec != 12)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, wstring_printf(_T(__FUNCTION__) _T(" \"finished\" size incorrect (expected 12B, received %u)."), rec_end - rec).c_str());
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, string_printf(__FUNCTION__ " \"finished\" size incorrect (expected 12B, received %u).", rec_end - rec));
vector<unsigned char> hash, hash_sha1;
if (!CryptGetHashParam(m_hash_handshake_msgs_md5, HP_HASHVAL, hash, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error finishing MD5 hash calculation."));
throw win_runtime_error(__FUNCTION__ " Error finishing MD5 hash calculation.");
if (!CryptGetHashParam(m_hash_handshake_msgs_sha1, HP_HASHVAL, hash_sha1, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error finishing SHA-1 hash calculation."));
throw win_runtime_error(__FUNCTION__ " Error finishing SHA-1 hash calculation.");
hash.insert(hash.end(), hash_sha1.begin(), hash_sha1.end());
}
@ -642,18 +642,18 @@ void eap::method_tls::encrypt_message(_Inout_ sanitizing_blob &msg)
static const HMAC_INFO s_hmac_info = { CALG_SHA1 };
if (!hash_hmac.create(m_cp, CALG_HMAC, m_key_hmac, 0) ||
!CryptSetHashParam(hash_hmac, HP_HMAC_INFO, (const BYTE*)&s_hmac_info, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error creating HMAC hash."));
throw win_runtime_error(__FUNCTION__ " Error creating HMAC hash.");
// Hash sequence number and message.
unsigned __int64 seq_num = htonll(m_seq_num);
if (!CryptHashData(hash_hmac, (const BYTE*)&seq_num, sizeof(seq_num), 0) ||
!CryptHashData(hash_hmac, msg.data(), (DWORD)msg.size(), 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error hashing data."));
throw win_runtime_error(__FUNCTION__ " Error hashing data.");
// Calculate hash.
vector<unsigned char> hmac;
if (!CryptGetHashParam(hash_hmac, HP_HASHVAL, hmac, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error finishing hash calculation."));
throw win_runtime_error(__FUNCTION__ " Error finishing hash calculation.");
// Remove SSL/TLS header (record type, version, message size).
msg.erase(msg.begin(), msg.begin() + 5);
@ -679,7 +679,7 @@ void eap::method_tls::encrypt_message(_Inout_ sanitizing_blob &msg)
assert(size < 0xffffffff);
DWORD size2 = (DWORD)size;
if (!CryptEncrypt(m_key_encrypt, NULL, FALSE, 0, msg.data(), &size2, (DWORD)size))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error encrypting message."));
throw win_runtime_error(__FUNCTION__ " Error encrypting message.");
// Increment sequence number.
m_seq_num++;
@ -691,7 +691,7 @@ void eap::method_tls::decrypt_message(_Inout_ sanitizing_blob &msg)
// Decrypt.
DWORD size = (DWORD)msg.size();
if (!CryptDecrypt(m_key_decrypt, NULL, FALSE, 0, msg.data(), &size))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error decrypting message."));
throw win_runtime_error(__FUNCTION__ " Error decrypting message.");
// Remove padding.
msg.resize(size - msg.back() - 1);
@ -709,9 +709,9 @@ vector<unsigned char> eap::method_tls::p_hash(
// HMAC symmetric key generation.
crypt_hash hash_key;
if (!hash_key.create(m_cp, alg, 0, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error creating key hash."));
throw win_runtime_error(__FUNCTION__ " Error creating key hash.");
if (!CryptHashData(hash_key, (const BYTE*)secret, (DWORD)size_secret, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error hashing secret."));
throw win_runtime_error(__FUNCTION__ " Error hashing secret.");
crypt_key key_hmac;
key_hmac.derive(m_cp, CALG_RC4, hash_key, 0);
vector<unsigned char> block;
@ -739,22 +739,22 @@ vector<unsigned char> eap::method_tls::p_hash(
crypt_hash hash_hmac1;
if (!hash_hmac1.create(m_cp, CALG_HMAC, key_hmac, 0) ||
!CryptSetHashParam(hash_hmac1, HP_HMAC_INFO, (const BYTE*)&hmac_info, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error creating HMAC hash."));
throw win_runtime_error(__FUNCTION__ " Error creating HMAC hash.");
if (!CryptHashData(hash_hmac1, A.data(), (DWORD)A.size(), 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error hashing A."));
throw win_runtime_error(__FUNCTION__ " Error hashing A.");
if (!CryptGetHashParam(hash_hmac1, HP_HASHVAL, A, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error finishing hash A calculation."));
throw win_runtime_error(__FUNCTION__ " Error finishing hash A calculation.");
// Hash A and seed.
crypt_hash hash_hmac2;
if (!hash_hmac2.create(m_cp, CALG_HMAC, key_hmac, 0) ||
!CryptSetHashParam(hash_hmac2, HP_HMAC_INFO, (const BYTE*)&hmac_info, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error creating A+seed hash."));
throw win_runtime_error(__FUNCTION__ " Error creating A+seed hash.");
if (!CryptHashData(hash_hmac2, A.data(), (DWORD)A.size(), 0) ||
!CryptHashData(hash_hmac2, (const BYTE*)seed, (DWORD)size_seed, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error hashing seed."));
throw win_runtime_error(__FUNCTION__ " Error hashing seed.");
if (!CryptGetHashParam(hash_hmac2, HP_HASHVAL, block, 0))
throw win_runtime_error(_T(__FUNCTION__) _T(" Error finishing hash A+seed calculation."));
throw win_runtime_error(__FUNCTION__ " Error finishing hash A+seed calculation.");
// Append to output data.
data.insert(data.end(), block.begin(), block.end());

36
lib/TTLS/src/Config.cpp
View File

@ -93,41 +93,41 @@ void eap::config_method_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode
config_method::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
// <ClientSideCredential>
com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ClientSideCredential> element."));
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ClientSideCredential> element.");
// <ClientSideCredential>/<AnonymousIdentity>
if (!m_anonymous_identity.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, bstr(L"AnonymousIdentity"), bstrNamespace, bstr(m_anonymous_identity))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <AnonymousIdentity> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, bstr(L"AnonymousIdentity"), bstrNamespace, bstr(m_anonymous_identity))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <AnonymousIdentity> element.");
m_outer.save(pDoc, pConfigRoot);
// <InnerAuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."));
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <InnerAuthenticationMethod> element.");
if (dynamic_cast<const config_method_pap*>(m_inner.get())) {
// <InnerAuthenticationMethod>/<NonEAPAuthMethod>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"NonEAPAuthMethod"), bstrNamespace, bstr(L"PAP"))) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <NonEAPAuthMethod> element."));
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"NonEAPAuthMethod"), bstrNamespace, bstr(L"PAP"))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <NonEAPAuthMethod> element.");
// <InnerAuthenticationMethod>/...
m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
} else
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported inner authentication method."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Unsupported inner authentication method.");
}
void eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
{
assert(pConfigRoot);
DWORD dwResult;
HRESULT hr;
config_method::load(pConfigRoot);
@ -137,7 +137,7 @@ void eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
// <ClientSideCredential>
com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if (eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), &pXmlElClientSideCredential) == ERROR_SUCCESS) {
if (SUCCEEDED(eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), &pXmlElClientSideCredential))) {
wstring xpathClientSideCredential(xpath + L"/ClientSideCredential");
// <AnonymousIdentity>
@ -149,19 +149,19 @@ void eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
// <InnerAuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS)
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."));
if (FAILED(hr = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <InnerAuthenticationMethod> element.");
// Determine inner authentication type (<EAPMethod> and <NonEAPAuthMethod>).
//DWORD dwMethodID;
bstr bstrMethod;
/*if (eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:EAPMethod"), &dwMethodID) == ERROR_SUCCESS &&
/*if (SUCCEEDED(eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:EAPMethod"), &dwMethodID)) &&
dwMethodID == EAP_TYPE_MSCHAPV2)
{
// MSCHAPv2
// TODO: Add MSCHAPv2 support.
return ERROR_NOT_SUPPORTED;
} else*/ if (eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:NonEAPAuthMethod"), &bstrMethod) == ERROR_SUCCESS &&
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " MSCHAPv2 not supported yet.");
} else*/ if (SUCCEEDED(eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:NonEAPAuthMethod"), &bstrMethod)) &&
CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrMethod, bstrMethod.length(), L"PAP", -1, NULL, NULL, 0) == CSTR_EQUAL)
{
// PAP
@ -169,7 +169,7 @@ void eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
m_inner.reset(new config_method_pap(m_module));
m_inner->load(pXmlElInnerAuthenticationMethod);
} else
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported inner authentication method."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Unsupported inner authentication method.");
}

13
lib/TTLS/src/Credentials.cpp
View File

@ -106,19 +106,18 @@ void eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
m_outer.save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
if (m_inner) {
// <InnerAuthenticationMethod>
winstd::com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)))
throw win_runtime_error(dwResult, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."));
if (FAILED(hr = eapxml::create_element(pDoc, winstd::bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <InnerAuthenticationMethod> element.");
m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
if (FAILED(hr = pConfigRoot->appendChild(pXmlElInnerAuthenticationMethod, NULL)))
throw win_runtime_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <InnerAuthenticationMethod> element."));
throw com_runtime_error(hr, __FUNCTION__ " Error appending <InnerAuthenticationMethod> element.");
}
}
@ -126,7 +125,7 @@ void eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
void eap::credentials_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
{
assert(pConfigRoot);
DWORD dwResult;
HRESULT hr;
credentials::load(pConfigRoot);
@ -135,8 +134,8 @@ void eap::credentials_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
// TODO: For the time being, there is no detection what type is inner method. Introduce one!
if (m_inner) {
com_obj<IXMLDOMNode> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS)
throw invalid_argument(__FUNCTION__ " Error selecting <InnerAuthenticationMethod> element.");
if (FAILED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <InnerAuthenticationMethod> element.");
m_inner->load(pXmlElInnerAuthenticationMethod);
}

4
lib/TTLS/src/Method.cpp
View File

@ -88,9 +88,9 @@ void eap::method_ttls::process_request_packet(
{
// Is this a valid EAP-TTLS packet?
if (dwReceivedPacketSize < 6)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, _T(__FUNCTION__) _T(" Packet is too small. EAP-%s packets should be at least 6B."));
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, __FUNCTION__ " Packet is too small. EAP-%s packets should be at least 6B.");
else if (pReceivedPacket->Data[0] != eap_type_ttls)
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, wstring_printf(_T(__FUNCTION__) _T(" Packet is not EAP-TTLS (expected: %u, received: %u)."), eap_type_ttls, pReceivedPacket->Data[0]).c_str());
throw win_runtime_error(EAP_E_EAPHOST_METHOD_INVALID_PACKET, string_printf(__FUNCTION__ " Packet is not EAP-TTLS (expected: %u, received: %u).", eap_type_ttls, pReceivedPacket->Data[0]));
if (pReceivedPacket->Code == EapCodeRequest && (pReceivedPacket->Data[1] & flags_start)) {
// This is a start EAP-TTLS packet.

12
lib/TTLS/src/Module.cpp
View File

@ -199,7 +199,7 @@ void eap::peer_ttls::get_identity(
} else {
// Per-machine authentication
if (!is_outer_set || !is_inner_set)
throw win_runtime_error(ERROR_NO_SUCH_USER, _T(__FUNCTION__) _T(" Credentials for per-machine authentication not available."));
throw win_runtime_error(ERROR_NO_SUCH_USER, __FUNCTION__ " Credentials for per-machine authentication not available.");
}
// If we got here, we have all credentials we need.
@ -262,8 +262,6 @@ void eap::peer_ttls::get_method_properties(
// Allocate property array.
DWORD dwCount = (DWORD)properties.size();
pMethodPropertyArray->pMethodProperty = (EAP_METHOD_PROPERTY*)alloc_memory(sizeof(EAP_METHOD_PROPERTY) * dwCount);
if (!pMethodPropertyArray->pMethodProperty)
throw win_runtime_error(ERROR_OUTOFMEMORY, _T(__FUNCTION__) _T(" Error allocating memory for propery array."));
// Copy properties.
memcpy(pMethodPropertyArray->pMethodProperty, properties.data(), sizeof(EAP_METHOD_PROPERTY) * dwCount);
@ -374,7 +372,7 @@ void eap::peer_ttls::get_ui_context(
UNREFERENCED_PARAMETER(ppUIContextData);
UNREFERENCED_PARAMETER(pdwUIContextDataSize);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
@ -389,7 +387,7 @@ void eap::peer_ttls::set_ui_context(
UNREFERENCED_PARAMETER(dwUIContextDataSize);
UNREFERENCED_PARAMETER(pEapOutput);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
@ -400,7 +398,7 @@ void eap::peer_ttls::get_response_attributes(
UNREFERENCED_PARAMETER(hSession);
UNREFERENCED_PARAMETER(pAttribs);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
@ -413,5 +411,5 @@ void eap::peer_ttls::set_response_attributes(
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(pEapOutput);
throw win_runtime_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}

4
lib/TTLS_UI/src/Module.cpp
View File

@ -109,7 +109,7 @@ void eap::peer_ttls_ui::invoke_config_ui(
// Clean-up and return.
wxEntryCleanup();
if (result != wxID_OK)
throw win_runtime_error(ERROR_CANCELLED, _T(__FUNCTION__) _T(" Cancelled."));
throw win_runtime_error(ERROR_CANCELLED, __FUNCTION__ " Cancelled.");
// Pack new configuration.
pack(cfg, ppConnectionDataOut, pdwConnectionDataOutSize);
@ -176,7 +176,7 @@ void eap::peer_ttls_ui::invoke_identity_ui(
// Clean-up and return.
wxEntryCleanup();
if (result != wxID_OK)
throw win_runtime_error(ERROR_CANCELLED, _T(__FUNCTION__) _T(" Cancelled."));
throw win_runtime_error(ERROR_CANCELLED, __FUNCTION__ " Cancelled.");
// Build our identity. ;)
wstring identity(move(cfg_method->get_public_identity(cred)));

2
lib/WinStd

@ -1 +1 @@
Subproject commit e547372197fd87b04008990b2d248aa9902d7f69
Subproject commit bacf47ebbc81621c41e73d88d5563a382ce68e3e