Configuration and credentials logging introduced

lib/TLS/src/Config.cpp

@@ -179,12 +179,16 @@ bool eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEa
     if (!config_method<credentials_tls>::load(pConfigRoot, ppEapError))
         return false;
 
+    std::wstring xpath(eapxml::get_xpath(pConfigRoot));
+
     m_trusted_root_ca.clear();
     m_server_names.clear();
 
     // <ServerSideCredential>
     com_obj<IXMLDOMElement> pXmlElServerSideCredential;
     if (eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), &pXmlElServerSideCredential) == ERROR_SUCCESS) {
+        std::wstring xpathServerSideCredential(xpath + L"/ServerSideCredential");
+
         // <CA>
         com_obj<IXMLDOMNodeList> pXmlListCAs;
         long lCACount = 0;
@@ -212,6 +216,12 @@ bool eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEa
 
                 add_trusted_ca(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, aData.data(), (DWORD)aData.size());
             }
+
+            // Log loaded CA certificates.
+            list<tstring> cert_names;
+            for (std::list<winstd::cert_context>::const_iterator cert = m_trusted_root_ca.cbegin(), cert_end = m_trusted_root_ca.cend(); cert != cert_end; ++cert)
+                cert_names.push_back(std::move(eap::get_cert_title(*cert)));
+            m_module.log_config((xpathServerSideCredential + L"/CA").c_str(), cert_names);
         }
 
         // <ServerName>
@@ -229,8 +239,10 @@ bool eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEa
                 string str;
                 WideCharToMultiByte(CP_UTF8, 0, bstrServerID, bstrServerID.length(), str, NULL, NULL);
 
-                    m_server_names.push_back(str);
+                m_server_names.push_back(str);
             }
+
+            m_module.log_config((xpathServerSideCredential + L"/ServerName").c_str(), m_server_names);
         }
     }
 

lib/TLS/src/Credentials.cpp

@@ -137,6 +137,8 @@ bool eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR *
     //if (!credentials::load(pConfigRoot, ppEapError))
     //    return false;
 
+    std::wstring xpath(eapxml::get_xpath(pConfigRoot));
+
     m_identity.clear();
     m_cert.free();
 
@@ -161,6 +163,7 @@ bool eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR *
             }
         }
     }
+    m_module.log_config((xpath + L"/ClientCertificate").c_str(), m_cert ? eap::get_cert_title(m_cert).c_str() : L"<blank>");
 
     return true;
 }
@@ -238,6 +241,8 @@ bool eap::credentials_tls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR
     // Generate identity. TODO: Find which CERT_NAME_... constant returns valid identity (username@domain or DOMAIN\Username).
     CertGetNameString(m_cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, m_identity);
 
+    m_module.log_config((wstring(pszTargetName) + L"/Certificate").c_str(), m_identity.c_str());
+
     return true;
 }