Configuration and credentials logging introduced
This commit is contained in:
@@ -179,12 +179,16 @@ bool eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEa
|
||||
if (!config_method<credentials_tls>::load(pConfigRoot, ppEapError))
|
||||
return false;
|
||||
|
||||
std::wstring xpath(eapxml::get_xpath(pConfigRoot));
|
||||
|
||||
m_trusted_root_ca.clear();
|
||||
m_server_names.clear();
|
||||
|
||||
// <ServerSideCredential>
|
||||
com_obj<IXMLDOMElement> pXmlElServerSideCredential;
|
||||
if (eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), &pXmlElServerSideCredential) == ERROR_SUCCESS) {
|
||||
std::wstring xpathServerSideCredential(xpath + L"/ServerSideCredential");
|
||||
|
||||
// <CA>
|
||||
com_obj<IXMLDOMNodeList> pXmlListCAs;
|
||||
long lCACount = 0;
|
||||
@@ -212,6 +216,12 @@ bool eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEa
|
||||
|
||||
add_trusted_ca(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, aData.data(), (DWORD)aData.size());
|
||||
}
|
||||
|
||||
// Log loaded CA certificates.
|
||||
list<tstring> cert_names;
|
||||
for (std::list<winstd::cert_context>::const_iterator cert = m_trusted_root_ca.cbegin(), cert_end = m_trusted_root_ca.cend(); cert != cert_end; ++cert)
|
||||
cert_names.push_back(std::move(eap::get_cert_title(*cert)));
|
||||
m_module.log_config((xpathServerSideCredential + L"/CA").c_str(), cert_names);
|
||||
}
|
||||
|
||||
// <ServerName>
|
||||
@@ -229,8 +239,10 @@ bool eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEa
|
||||
string str;
|
||||
WideCharToMultiByte(CP_UTF8, 0, bstrServerID, bstrServerID.length(), str, NULL, NULL);
|
||||
|
||||
m_server_names.push_back(str);
|
||||
m_server_names.push_back(str);
|
||||
}
|
||||
|
||||
m_module.log_config((xpathServerSideCredential + L"/ServerName").c_str(), m_server_names);
|
||||
}
|
||||
}
|
||||
|
||||
|
@@ -137,6 +137,8 @@ bool eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR *
|
||||
//if (!credentials::load(pConfigRoot, ppEapError))
|
||||
// return false;
|
||||
|
||||
std::wstring xpath(eapxml::get_xpath(pConfigRoot));
|
||||
|
||||
m_identity.clear();
|
||||
m_cert.free();
|
||||
|
||||
@@ -161,6 +163,7 @@ bool eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR *
|
||||
}
|
||||
}
|
||||
}
|
||||
m_module.log_config((xpath + L"/ClientCertificate").c_str(), m_cert ? eap::get_cert_title(m_cert).c_str() : L"<blank>");
|
||||
|
||||
return true;
|
||||
}
|
||||
@@ -238,6 +241,8 @@ bool eap::credentials_tls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR
|
||||
// Generate identity. TODO: Find which CERT_NAME_... constant returns valid identity (username@domain or DOMAIN\Username).
|
||||
CertGetNameString(m_cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, m_identity);
|
||||
|
||||
m_module.log_config((wstring(pszTargetName) + L"/Certificate").c_str(), m_identity.c_str());
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user