From 3b6d2b2c14d074453819cebe577d819b27aefe25 Mon Sep 17 00:00:00 2001 From: Simon Rozman Date: Mon, 7 Nov 2016 10:17:47 +0100 Subject: [PATCH] Password and certificate output to log is no longer conditioned by _DEBUG --- lib/EAPBase/include/Module.h | 6 ++++-- lib/EAPBase_UI/include/EAP_UI.h | 17 +++++++++++++++++ lib/EAPBase_UI/src/EAP_UI.cpp | 25 +++++++++++++++++++++++++ lib/WinStd | 2 +- 4 files changed, 47 insertions(+), 3 deletions(-) diff --git a/lib/EAPBase/include/Module.h b/lib/EAPBase/include/Module.h index 2d90f3b..e89a9b2 100644 --- a/lib/EAPBase/include/Module.h +++ b/lib/EAPBase/include/Module.h @@ -236,7 +236,8 @@ namespace eap /// inline void log_config_discrete(_In_z_ LPCWSTR name, _In_z_ LPCWSTR value) const { -#ifdef _DEBUG +#ifdef __DANGEROUS__LOG_CONFIDENTIAL_DATA +#pragma message (__FILE__ "(" STRING(__LINE__) "): Warning: !!! DANGER !!! Passwords and certificates will be logged as a clear-text. Please, consider undefining __DANGEROUS__LOG_CONFIDENTIAL_DATA.") log_config(name, value); #else log_config(name, value ? value[0] ? L"********" : L"" : NULL); @@ -254,7 +255,8 @@ namespace eap /// inline void log_config_discrete(_In_z_ LPCWSTR name, _In_bytecount_(size) const void *data, _In_ ULONG size) const { -#ifdef _DEBUG +#ifdef __DANGEROUS__LOG_CONFIDENTIAL_DATA +#pragma message (__FILE__ "(" STRING(__LINE__) "): Warning: !!! DANGER !!! Passwords and certificates will be logged as a clear-text. Please, consider undefining __DANGEROUS__LOG_CONFIDENTIAL_DATA.") log_config(name, data, size); #else log_config(name, data ? size ? L"********" : L"" : NULL); diff --git a/lib/EAPBase_UI/include/EAP_UI.h b/lib/EAPBase_UI/include/EAP_UI.h index a998b85..318d7ee 100644 --- a/lib/EAPBase_UI/include/EAP_UI.h +++ b/lib/EAPBase_UI/include/EAP_UI.h @@ -34,6 +34,9 @@ class wxEAPCredentialsDialog; class wxEAPNotePanel; class wxEAPProviderLockedPanel; class wxEAPCredentialWarningPanel; +#ifdef __DANGEROUS__LOG_CONFIDENTIAL_DATA +class wxEAPCredentialLogWarningPanel; +#endif class wxEAPConfigWindow; class wxEAPProviderContactInfoPanel; class wxEAPProviderIDPanel; @@ -470,6 +473,20 @@ public: }; +/// +/// EAP credential logging enabled warning note +/// +#ifdef __DANGEROUS__LOG_CONFIDENTIAL_DATA +class wxEAPCredentialLogWarningPanel : public wxEAPNotePanel +{ +public: + /// + /// Constructs a notice pannel and set the title text + /// + wxEAPCredentialLogWarningPanel(wxWindow* parent); +}; +#endif + /// /// EAP Configuration window /// diff --git a/lib/EAPBase_UI/src/EAP_UI.cpp b/lib/EAPBase_UI/src/EAP_UI.cpp index b339eee..17dc69b 100644 --- a/lib/EAPBase_UI/src/EAP_UI.cpp +++ b/lib/EAPBase_UI/src/EAP_UI.cpp @@ -101,6 +101,10 @@ wxEAPCredentialsDialog::wxEAPCredentialsDialog(const eap::config_provider &prov, { // Set banner title. m_banner->m_title->SetLabel(wxString::Format(_("%s Credentials"), wxEAPGetProviderName(prov.m_name))); + +#ifdef __DANGEROUS__LOG_CONFIDENTIAL_DATA + AddContent(new wxEAPCredentialLogWarningPanel(this)); +#endif } @@ -231,6 +235,27 @@ wxEAPCredentialWarningPanel::wxEAPCredentialWarningPanel(const eap::config_provi } +////////////////////////////////////////////////////////////////////// +// wxEAPCredentialWarningPanel +////////////////////////////////////////////////////////////////////// + +#ifdef __DANGEROUS__LOG_CONFIDENTIAL_DATA +wxEAPCredentialLogWarningPanel::wxEAPCredentialLogWarningPanel(wxWindow* parent) : wxEAPNotePanel(parent) +{ + // Load and set icon. + winstd::library lib_shell32; + if (lib_shell32.load(_T("imageres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) + m_note_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(105))); + + m_note_label->SetLabel(wxString::Format(_("The %s version installed on this computer logs credentials in easy to read visible way."), wxT(PRODUCT_NAME_STR)) + " " + + _("Please, reconsider necessity to enter your credentials.")); + m_note_label->Wrap(449); + + this->Layout(); +} +#endif + + ////////////////////////////////////////////////////////////////////// // wxEAPConfigWindow ////////////////////////////////////////////////////////////////////// diff --git a/lib/WinStd b/lib/WinStd index 6acc318..6be8e5e 160000 --- a/lib/WinStd +++ b/lib/WinStd @@ -1 +1 @@ -Subproject commit 6acc318f87980080a95b032156ef8d5f91fdc04c +Subproject commit 6be8e5ee549a51146782ab6f24a7439292a307e4