Amebis/GEANTLink
Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Merge branch 'master' of https://github.com/Amebis/GEANTLink

Browse Source
This commit is contained in:
Simon Rozman 2016-06-22 09:18:41 +02:00
commit 24008000a9
11 changed files with 370 additions and 435 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
EAPMethods/src/Main.cpp
View File

@ -236,18 +236,12 @@ DWORD APIENTRY EapPeerGetIdentity(
else if (!ppwszIdentity)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppwszIdentity is NULL.")));
else {
if (!g_peer.get_identity(
dwFlags,
dwConnectionDataSize,
pConnectionData,
dwUserDataSize,
pUserData,
hTokenImpersonateUser,
pfInvokeUI,
pdwUserDataOutSize,
ppUserDataOut,
ppwszIdentity,
ppEapError))
_EAPMETHOD_PEER::config_type cfg(g_peer);
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!g_peer.unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.get_identity(dwFlags, cfg, usr, hTokenImpersonateUser, pfInvokeUI, ppwszIdentity, ppEapError) ||
!g_peer.pack(usr, ppUserDataOut, pdwUserDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
@ -307,7 +301,10 @@ DWORD APIENTRY EapPeerBeginSession(
}
// Begin the session.
if (!session->begin(dwFlags, pAttributeArray, hTokenImpersonateUser, dwConnectionDataSize, pConnectionData, dwUserDataSize, pUserData, dwMaxSendPacketSize, ppEapError)) {
if (!g_peer.unpack(session->m_cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(session->m_id, pUserData, dwUserDataSize, ppEapError) ||
!session->begin(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
@ -508,7 +505,10 @@ DWORD APIENTRY EapPeerGetUIContext(
else if (!ppUIContextData)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUIContextData is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(pdwUIContextDataSize, ppUIContextData, ppEapError)) {
_EAPMETHOD_SESSION::interactive_request_type req;
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(req, ppEapError) ||
!g_peer.pack(req, ppUIContextData, pdwUIContextDataSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
@ -554,7 +554,10 @@ DWORD APIENTRY EapPeerSetUIContext(
else if (!pEapOutput)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapOutput is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(dwUIContextDataSize, pUIContextData, pEapOutput, ppEapError)) {
_EAPMETHOD_SESSION::interactive_response_type res;
if (!g_peer.unpack(res, pUIContextData, dwUIContextDataSize, ppEapError) ||
!static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(res, pEapOutput, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
@ -681,16 +684,18 @@ DWORD WINAPI EapPeerGetMethodProperties(
else if (!pMethodPropertyArray)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pMethodPropertyArray is NULL.")));
else {
if (!g_peer.get_method_properties(
dwVersion,
dwFlags,
hUserImpersonationToken,
dwEapConnDataSize,
pEapConnData,
dwUserDataSize,
pUserData,
pMethodPropertyArray,
ppEapError))
_EAPMETHOD_PEER::config_type cfg(g_peer);
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!g_peer.unpack(cfg, pEapConnData, dwEapConnDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.get_method_properties(
dwVersion,
dwFlags,
hUserImpersonationToken,
cfg,
usr,
pMethodPropertyArray,
ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
@ -757,29 +762,16 @@ DWORD WINAPI EapPeerCredentialsXml2Blob(
// Load credentials.
pCredentialsDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER::identity_type cred(g_peer);
if (!cred.load(pXmlElCredentials, ppEapError)) {
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!usr.load(pXmlElCredentials, ppEapError) ||
!g_peer.pack(usr, ppCredentialsOut, pdwCredentialsOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for credentials.
assert(ppCredentialsOut);
assert(pdwCredentialsOutSize);
*pdwCredentialsOutSize = (DWORD)eapserial::get_pk_size(cred);
*ppCredentialsOut = g_peer.alloc_memory(*pdwCredentialsOutSize);
if (!*ppCredentialsOut) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwCredentialsOutSize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppCredentialsOut;
eapserial::pack(cursor, cred);
assert(cursor - *ppCredentialsOut <= (ptrdiff_t)*pdwCredentialsOutSize);
}
return dwResult;

118
EAPMethods/src/Main_UI.cpp
View File

@ -143,28 +143,15 @@ DWORD WINAPI EapPeerConfigXml2Blob(
// Load configuration.
pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (!cfg.load(pXmlElConfig, ppEapError)) {
if (!cfg.load(pXmlElConfig, ppEapError) ||
!g_peer.pack(cfg, ppConfigOut, pdwConfigOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for configuration.
assert(ppConfigOut);
assert(pdwConfigOutSize);
*pdwConfigOutSize = (DWORD)eapserial::get_pk_size(cfg);
*ppConfigOut = g_peer.alloc_memory(*pdwConfigOutSize);
if (!*ppConfigOut) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwConfigOutSize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppConfigOut;
eapserial::pack(cursor, cfg);
assert(cursor - *ppConfigOut <= (ptrdiff_t)*pdwConfigOutSize);
}
return dwResult;
@ -212,10 +199,12 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConfigIn || !dwConfigInSize) {
const unsigned char *cursor = pConfigIn;
eapserial::unpack(cursor, cfg);
assert(cursor - pConfigIn <= (ptrdiff_t)dwConfigInSize);
if (!g_peer.unpack(cfg, pConfigIn, dwConfigInSize, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Create configuration XML document.
@ -305,36 +294,17 @@ DWORD WINAPI EapPeerInvokeConfigUI(
else if (!ppConnectionDataOut)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppConnectionDataOut is NULL.")));
else {
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConnectionDataIn || !dwConnectionDataInSize) {
const unsigned char *cursor = pConnectionDataIn;
eapserial::unpack(cursor, cfg);
assert(cursor - pConnectionDataIn <= (ptrdiff_t)dwConnectionDataInSize);
}
if (!g_peer.invoke_config_ui(hwndParent, cfg, ppEapError)) {
if (!g_peer.unpack(cfg, pConnectionDataIn, dwConnectionDataInSize, ppEapError) ||
!g_peer.invoke_config_ui(hwndParent, cfg, ppEapError) ||
!g_peer.pack(cfg, ppConnectionDataOut, pdwConnectionDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for configuration.
assert(ppConnectionDataOut);
assert(pdwConnectionDataOutSize);
*pdwConnectionDataOutSize = (DWORD)eapserial::get_pk_size(cfg);
*ppConnectionDataOut = g_peer.alloc_memory(*pdwConnectionDataOutSize);
if (!*ppConnectionDataOut) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwConnectionDataOutSize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppConnectionDataOut;
eapserial::pack(cursor, cfg);
assert(cursor - *ppConnectionDataOut <= (ptrdiff_t)*pdwConnectionDataOutSize);
}
return dwResult;
@ -389,44 +359,19 @@ DWORD WINAPI EapPeerInvokeIdentityUI(
else if (!ppwszIdentity)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppwszIdentity is NULL.")));
else {
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConnectionData || !dwConnectionDataSize) {
const unsigned char *cursor = pConnectionData;
eapserial::unpack(cursor, cfg);
assert(cursor - pConnectionData <= (ptrdiff_t)dwConnectionDataSize);
}
// Unpack configuration.
_EAPMETHOD_PEER_UI::identity_type usr(g_peer);
if (pUserData || !dwUserDataSize) {
const unsigned char *cursor = pUserData;
eapserial::unpack(cursor, usr);
assert(cursor - pUserData <= (ptrdiff_t)dwUserDataSize);
}
if (!g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, usr, ppwszIdentity, ppEapError)) {
if (!g_peer.unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, usr, ppwszIdentity, ppEapError) ||
!g_peer.pack(usr, ppUserDataOut, pdwUserDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for user data.
assert(ppUserDataOut);
assert(pdwUserDataOutSize);
*pdwUserDataOutSize = (DWORD)eapserial::get_pk_size(usr);
*ppUserDataOut = g_peer.alloc_memory(*pdwUserDataOutSize);
if (!*ppUserDataOut) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwUserDataOutSize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppUserDataOut;
eapserial::pack(cursor, usr);
assert(cursor - *ppUserDataOut <= (ptrdiff_t)*pdwUserDataOutSize);
}
return dwResult;
@ -473,37 +418,18 @@ DWORD WINAPI EapPeerInvokeInteractiveUI(
else if (!ppDataFromInteractiveUI)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppDataFromInteractiveUI is NULL.")));
else {
// Unpack request.
_EAPMETHOD_PEER_UI::interactive_request_type req;
if (pUIContextData || !dwUIContextDataSize) {
const unsigned char *cursor = pUIContextData;
eapserial::unpack(cursor, req);
assert(cursor - pUIContextData <= (ptrdiff_t)dwUIContextDataSize);
}
_EAPMETHOD_PEER_UI::interactive_response_type res;
if (!g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError)) {
if (!g_peer.unpack(req, pUIContextData, dwUIContextDataSize, ppEapError) ||
!g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError) ||
!g_peer.pack(res, ppDataFromInteractiveUI, pdwDataFromInteractiveUISize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for user data.
assert(ppDataFromInteractiveUI);
assert(pdwDataFromInteractiveUISize);
*pdwDataFromInteractiveUISize = (DWORD)eapserial::get_pk_size(res);
*ppDataFromInteractiveUI = g_peer.alloc_memory(*pdwDataFromInteractiveUISize);
if (!*ppDataFromInteractiveUI) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for interactive response (%uB)."), *pdwDataFromInteractiveUISize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppDataFromInteractiveUI;
eapserial::pack(cursor, res);
assert(cursor - *ppDataFromInteractiveUI <= (ptrdiff_t)*pdwDataFromInteractiveUISize);
}
return dwResult;

1
lib/EAPBase/build/EAPBase.vcxproj
View File

@ -92,7 +92,6 @@
<ClCompile Include="..\src\Config.cpp" />
<ClCompile Include="..\src\Credentials.cpp" />
<ClCompile Include="..\src\Module.cpp" />
<ClCompile Include="..\src\Session.cpp" />
<ClCompile Include="..\src\StdAfx.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>

3
lib/EAPBase/build/EAPBase.vcxproj.filters
View File

@ -40,9 +40,6 @@
<ClCompile Include="..\src\StdAfx.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\Session.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\Config.cpp">
<Filter>Source Files</Filter>
</ClCompile>

135
lib/EAPBase/include/Module.h
View File

@ -46,8 +46,9 @@ namespace eap
#include "EAP.h"
#include <WinStd/Win.h>
#include <WinStd/Crypt.h>
#include <WinStd/ETW.h>
#include <WinStd/Win.h>
#include <Windows.h>
#include <eaptypes.h> // Must include after <Windows.h>
@ -452,6 +453,104 @@ namespace eap
/// @}
/// \name BLOB management
/// @{
///
/// Unencrypts and unpacks the BLOB
///
/// \param[inout] record Object to unpack to
/// \param[in ] pDataIn Pointer to encrypted BLOB
/// \param[in ] dwDataInSize Size of \p pDataIn
/// \param[out ] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class T>
bool unpack(
_Inout_ T &record,
_In_count_(dwDataInSize) const BYTE *pDataIn,
_In_ DWORD dwDataInSize,
_Out_ EAP_ERROR **ppEapError)
{
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptAcquireContext failed."));
return false;
}
// Decrypt data.
vector<unsigned char, sanitizing_allocator<unsigned char> > data;
if (!decrypt_md5(cp, pDataIn, dwDataInSize, data, ppEapError))
return false;
const unsigned char *cursor = data.data();
eapserial::unpack(cursor, record);
assert(cursor - data.data() <= (ptrdiff_t)data.size());
return true;
}
///
/// Packs and encrypts to the BLOB
///
/// \param[in ] record Object to pack
/// \param[out] ppDataOut Pointer to pointer to receive encrypted BLOB. Pointer must be freed using `module::free_memory()`.
/// \param[out] pdwDataOutSize Pointer to \p ppDataOut size
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class T>
bool pack(
_In_ const T &record,
_Out_ BYTE **ppDataOut,
_Out_ DWORD *pdwDataOutSize,
_Out_ EAP_ERROR **ppEapError)
{
// Allocate BLOB.
std::vector<unsigned char, winstd::sanitizing_allocator<unsigned char> > data;
data.resize(eapserial::get_pk_size(record));
// Pack to BLOB.
unsigned char *cursor = data.data();
eapserial::pack(cursor, record);
data.resize(cursor - data.data());
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptAcquireContext failed."));
return false;
}
// Encrypt BLOB.
std::vector<unsigned char> data_enc;
if (!encrypt_md5(cp, data.data(), data.size(), data_enc, ppEapError))
return false;
// Copy encrypted BLOB to output.
assert(ppDataOut);
assert(pdwDataOutSize);
*pdwDataOutSize = (DWORD)data_enc.size();
*ppDataOut = alloc_memory(*pdwDataOutSize);
if (!*ppDataOut) {
log_error(*ppEapError = g_peer.make_error(ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str()));
return false;
}
memcpy(*ppDataOut, data_enc.data(), *pdwDataOutSize);
return true;
}
/// @}
public:
HINSTANCE m_instance; ///< Windows module instance
const type_t m_eap_method; ///< EAP method type
@ -540,17 +639,13 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ DWORD *pdwUserDataOutSize,
_Out_ BYTE **ppUserDataOut,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError) = 0;
_In_ DWORD dwFlags,
_In_ const config_type &cfg,
_Inout_ identity_type &usr,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError) = 0;
///
/// Defines the implementation of an EAP method-specific function that retrieves the properties of an EAP method given the connection and user data.
@ -562,15 +657,13 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ DWORD dwEapConnDataSize,
_In_count_(dwEapConnDataSize) const BYTE *pEapConnData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const = 0;
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ const config_type &cfg,
_In_ const identity_type &usr,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const = 0;
///
/// Defines the implementation of an EAP method-specific function that obtains the EAP Single-Sign-On (SSO) credential input fields for an EAP method.

189
lib/EAPBase/include/Session.h
View File

@ -23,7 +23,7 @@ namespace eap
///
/// EAP session
///
class session;
template <class _Tcfg, class _Tid, class _Tint, class _Tintres> class session;
}
#pragma once
@ -40,29 +40,74 @@ extern "C" {
namespace eap
{
template <class _Tcfg, class _Tid, class _Tint, class _Tintres>
class session
{
public:
///
/// Provider configuration data type
///
typedef config_provider<_Tcfg> provider_config_type;
///
/// Configuration data type
///
typedef config_providers<provider_config_type> config_type;
///
/// Identity data type
///
typedef _Tid identity_type;
///
/// Interactive request data type
///
typedef _Tint interactive_request_type;
///
/// Interactive response data type
///
typedef _Tintres interactive_response_type;
public:
///
/// Constructs a session
///
/// \param[in] mod Reference of the EAP module to use for global services
///
session(_In_ module &mod);
session(_In_ module &mod) :
m_module(mod),
m_cfg(mod),
m_id(mod)
{
}
///
/// Copies session
///
/// \param[in] other Session to copy from
///
session(_In_ const session &other);
session(_In_ const session &other) :
m_module(other.m_module),
m_cfg(other.m_cfg),
m_id(other.m_id)
{
}
///
/// Moves session
///
/// \param[in] other Session to move from
///
session(_Inout_ session &&other);
session(_Inout_ session &&other) :
m_module(other.m_module),
m_cfg(std::move(other.m_cfg)),
m_id(std::move(other.m_id))
{
}
///
/// Copies session
@ -71,7 +116,16 @@ namespace eap
///
/// \returns Reference to this object
///
session& operator=(_In_ const session &other);
session& operator=(_In_ const session &other)
{
if (this != std::addressof(other)) {
assert(std::addressof(m_module) ==std::addressof(other.m_module)); // Copy session within same module only!
m_cfg = other.m_cfg;
m_id = other.m_id;
}
return *this;
}
///
/// Moves session
@ -80,7 +134,16 @@ namespace eap
///
/// \returns Reference to this object
///
session& operator=(_Inout_ session &&other);
session& operator=(_Inout_ session &&other)
{
if (this != std::addressof(other)) {
assert(std::addressof(m_module) ==std::addressof(other.m_module)); // Move session within same module only!
m_cfg = std::move(other.m_cfg);
m_id = std::move(other.m_id);
}
return *this;
}
/// \name Session start/end
/// @{
@ -95,15 +158,21 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool begin(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ DWORD dwMaxSendPacketSize,
_Out_ EAP_ERROR **ppEapError);
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
_In_ DWORD dwMaxSendPacketSize,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(pAttributeArray);
UNREFERENCED_PARAMETER(hTokenImpersonateUser);
UNREFERENCED_PARAMETER(dwMaxSendPacketSize);
UNREFERENCED_PARAMETER(ppEapError);
return true;
}
///
/// Ends an EAP authentication session for the EAP method.
@ -114,7 +183,12 @@ namespace eap
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool end(_Out_ EAP_ERROR **ppEapError);
virtual bool end(_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(ppEapError);
return true;
}
/// @}
@ -134,7 +208,17 @@ namespace eap
_In_ DWORD dwReceivedPacketSize,
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_Out_ EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError);
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwReceivedPacketSize);
UNREFERENCED_PARAMETER(pReceivedPacket);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
///
/// Obtains a response packet from the EAP method.
@ -148,7 +232,16 @@ namespace eap
virtual bool get_response_packet(
_Inout_ DWORD *pdwSendPacketSize,
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Out_ EAP_ERROR **ppEapError);
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwSendPacketSize);
UNREFERENCED_PARAMETER(pSendPacket);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
///
/// Obtains the result of an authentication session from the EAP method.
@ -159,7 +252,15 @@ namespace eap
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError);
virtual bool get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(reason);
UNREFERENCED_PARAMETER(ppResult);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
/// @}
@ -178,9 +279,16 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_ui_context(
_Out_ DWORD *pdwUIContextDataSize,
_Out_ BYTE **ppUIContextData,
_Out_ EAP_ERROR **ppEapError);
_Out_ interactive_request_type &req,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(req);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
///
/// Provides a user interface context to the EAP method.
@ -194,10 +302,17 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool set_ui_context(
_In_ DWORD dwUIContextDataSize,
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_In_ const EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError);
_In_ const interactive_response_type &res,
_In_ const EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(res);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
/// @}
@ -213,7 +328,15 @@ namespace eap
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError);
virtual bool get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
///
/// Provides an updated array of EAP response attributes to the EAP method.
@ -224,11 +347,21 @@ namespace eap
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError);
virtual bool set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
/// @}
public:
module &m_module; ///< Reference of the EAP module
config_type m_cfg; ///< Session configuration
identity_type m_id; ///< User identity
};
}

187
lib/EAPBase/src/Session.cpp
View File

@ -1,187 +0,0 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
using namespace std;
using namespace winstd;
//////////////////////////////////////////////////////////////////////
// eap::session
//////////////////////////////////////////////////////////////////////
eap::session::session(_In_ module &mod) :
m_module(mod)
{
}
eap::session::session(_In_ const session &other) :
m_module(other.m_module)
{
}
eap::session::session(_Inout_ session &&other) :
m_module(other.m_module)
{
}
eap::session& eap::session::operator=(_In_ const session &other)
{
UNREFERENCED_PARAMETER(other);
assert(&m_module == &other.m_module); // Copy session within same module only!
return *this;
}
eap::session& eap::session::operator=(_Inout_ session &&other)
{
UNREFERENCED_PARAMETER(other);
assert(&m_module == &other.m_module); // Move session within same module only!
return *this;
}
bool eap::session::begin(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ DWORD dwMaxSendPacketSize,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(pAttributeArray);
UNREFERENCED_PARAMETER(hTokenImpersonateUser);
UNREFERENCED_PARAMETER(dwConnectionDataSize);
UNREFERENCED_PARAMETER(pConnectionData);
UNREFERENCED_PARAMETER(dwUserDataSize);
UNREFERENCED_PARAMETER(pUserData);
UNREFERENCED_PARAMETER(dwMaxSendPacketSize);
UNREFERENCED_PARAMETER(ppEapError);
return true;
}
bool eap::session::end(_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(ppEapError);
return true;
}
bool eap::session::process_request_packet(
_In_ DWORD dwReceivedPacketSize,
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_Out_ EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwReceivedPacketSize);
UNREFERENCED_PARAMETER(pReceivedPacket);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
bool eap::session::get_response_packet(
_Inout_ DWORD *pdwSendPacketSize,
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwSendPacketSize);
UNREFERENCED_PARAMETER(pSendPacket);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
bool eap::session::get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(reason);
UNREFERENCED_PARAMETER(ppResult);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
bool eap::session::get_ui_context(
_Out_ DWORD *pdwUIContextDataSize,
_Out_ BYTE **ppUIContextData,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwUIContextDataSize);
UNREFERENCED_PARAMETER(ppUIContextData);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
bool eap::session::set_ui_context(
_In_ DWORD dwUIContextDataSize,
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_In_ const EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwUIContextDataSize);
UNREFERENCED_PARAMETER(pUIContextData);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
bool eap::session::get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
bool eap::session::set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}

36
lib/TTLS/include/Module.h
View File

@ -35,7 +35,7 @@ namespace eap
namespace eap
{
class peer_ttls : public peer<eap::config_ttls, eap::credentials_ttls, int, int>
class peer_ttls : public peer<config_ttls, credentials_ttls, int, int>
{
public:
///
@ -75,17 +75,13 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ DWORD *pdwUserDataOutSize,
_Out_ BYTE **ppUserDataOut,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError);
_In_ DWORD dwFlags,
_In_ const config_type &cfg,
_Inout_ identity_type &usr,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError);
///
/// Defines the implementation of an EAP method-specific function that retrieves the properties of an EAP method given the connection and user data.
@ -97,14 +93,12 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ DWORD dwEapConnDataSize,
_In_count_(dwEapConnDataSize) const BYTE *pEapConnData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const;
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ const config_type &cfg,
_In_ const identity_type &usr,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const;
};
}

2
lib/TTLS/include/Session.h
View File

@ -33,7 +33,7 @@ namespace eap
namespace eap
{
class session_ttls : public session
class session_ttls : public session<config_ttls, credentials_ttls, int, int>
{
public:
///

48
lib/TTLS/src/Module.cpp
View File

@ -59,27 +59,19 @@ bool eap::peer_ttls::shutdown(_Out_ EAP_ERROR **ppEapError)
bool eap::peer_ttls::get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ DWORD *pdwUserDataOutSize,
_Out_ BYTE **ppUserDataOut,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError)
_In_ DWORD dwFlags,
_In_ const config_type &cfg,
_Inout_ identity_type &usr,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(dwConnectionDataSize);
UNREFERENCED_PARAMETER(pConnectionData);
UNREFERENCED_PARAMETER(dwUserDataSize);
UNREFERENCED_PARAMETER(pUserData);
UNREFERENCED_PARAMETER(cfg);
UNREFERENCED_PARAMETER(usr);
UNREFERENCED_PARAMETER(hTokenImpersonateUser);
UNREFERENCED_PARAMETER(pfInvokeUI);
UNREFERENCED_PARAMETER(pdwUserDataOutSize);
UNREFERENCED_PARAMETER(ppUserDataOut);
UNREFERENCED_PARAMETER(ppwszIdentity);
UNREFERENCED_PARAMETER(ppEapError);
@ -89,23 +81,19 @@ bool eap::peer_ttls::get_identity(
bool eap::peer_ttls::get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ DWORD dwEapConnDataSize,
_In_count_(dwEapConnDataSize) const BYTE *pEapConnData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ const config_type &cfg,
_In_ const identity_type &usr,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const
{
UNREFERENCED_PARAMETER(dwVersion);
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(hUserImpersonationToken);
UNREFERENCED_PARAMETER(dwEapConnDataSize);
UNREFERENCED_PARAMETER(pEapConnData);
UNREFERENCED_PARAMETER(dwUserDataSize);
UNREFERENCED_PARAMETER(pUserData);
UNREFERENCED_PARAMETER(cfg);
UNREFERENCED_PARAMETER(usr);
UNREFERENCED_PARAMETER(pMethodPropertyArray);
UNREFERENCED_PARAMETER(ppEapError);

10
lib/TTLS/src/Session.cpp
View File

@ -28,19 +28,19 @@ using namespace winstd;
// eap::session_ttls
//////////////////////////////////////////////////////////////////////
eap::session_ttls::session_ttls(_In_ module &mod) : session(mod)
eap::session_ttls::session_ttls(_In_ module &mod) : session<config_ttls, credentials_ttls, int, int>(mod)
{
}
eap::session_ttls::session_ttls(_In_ const session_ttls &other) :
session(other)
session<config_ttls, credentials_ttls, int, int>(other)
{
}
eap::session_ttls::session_ttls(_Inout_ session_ttls &&other) :
session(std::move(other))
session<config_ttls, credentials_ttls, int, int>(std::move(other))
{
}
@ -48,7 +48,7 @@ eap::session_ttls::session_ttls(_Inout_ session_ttls &&other) :
eap::session_ttls& eap::session_ttls::operator=(_In_ const session_ttls &other)
{
if (this != &other)
(session&)*this = other;
(session<config_ttls, credentials_ttls, int, int>&)*this = other;
return *this;
}
@ -57,7 +57,7 @@ eap::session_ttls& eap::session_ttls::operator=(_In_ const session_ttls &other)
eap::session_ttls& eap::session_ttls::operator=(_Inout_ session_ttls &&other)
{
if (this != &other)
(session&)*this = std::move(other);
(session<config_ttls, credentials_ttls, int, int>&)*this = std::move(other);
return *this;
}