diff --git a/EAPMethods/src/Main.cpp b/EAPMethods/src/Main.cpp index 3ae6860..4cc077c 100644 --- a/EAPMethods/src/Main.cpp +++ b/EAPMethods/src/Main.cpp @@ -236,20 +236,12 @@ DWORD APIENTRY EapPeerGetIdentity( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUserDataOut is NULL."))); else if (!ppwszIdentity) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppwszIdentity is NULL."))); - else { - eap::config_providers cfg(&g_peer); - _EAPMETHOD_PEER::credentials_type cred_in(&g_peer), cred_out(&g_peer); - if ( !g_peer.unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError) || - dwUserDataSize && !g_peer.unpack(cred_in, pUserData, dwUserDataSize, ppEapError) || - !g_peer.get_identity(dwFlags, cfg, dwUserDataSize ? &cred_in : NULL, cred_out, hTokenImpersonateUser, pfInvokeUI, ppwszIdentity, ppEapError) || - !g_peer.pack(cred_out, ppUserDataOut, pdwUserDataOutSize, ppEapError)) - { - if (*ppEapError) { - g_peer.log_error(*ppEapError); - dwResult = (*ppEapError)->dwWinError; - } else - dwResult = ERROR_INVALID_DATA; - } + else if (!g_peer.get_identity(dwFlags, pConnectionData, dwConnectionDataSize, pUserData, dwUserDataSize, ppUserDataOut, pdwUserDataOutSize, hTokenImpersonateUser, pfInvokeUI, ppwszIdentity, ppEapError)) { + if (*ppEapError) { + g_peer.log_error(*ppEapError); + dwResult = (*ppEapError)->dwWinError; + } else + dwResult = ERROR_INVALID_DATA; } return dwResult; 
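Review bot: With the unpack calls removed from EapPeerGetIdentity, nothing at this API boundary parses `pConnectionData` or `pUserData` any more, so rejecting a truncated or malformed blob now rests entirely on the `get_identity` override, which is not visible in this hunk. The removed code also treated `dwUserDataSize == 0` as "no stored credentials" (`dwUserDataSize ? &cred_in : NULL`), and that convention is now implicit. I would add a comment above the call, e.g. `// get_identity() unpacks and validates both blobs; dwUserDataSize == 0 means no stored credentials`, and confirm every override fails closed on an unpack error. The same applies to the `get_method_properties`, `invoke_config_ui`, `invoke_identity_ui` and `invoke_interactive_ui` call sites changed in this commit. The function body starts outside the hunk.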
@@ -506,17 +498,12 @@ DWORD APIENTRY EapPeerGetUIContext( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwUIContextDataSize is NULL."))); else if (!ppUIContextData) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUIContextData is NULL."))); - else { - _EAPMETHOD_SESSION::interactive_request_type req; - if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(req, ppEapError) || - !g_peer.pack(req, ppUIContextData, pdwUIContextDataSize, ppEapError)) - { - if (*ppEapError) { - g_peer.log_error(*ppEapError); - dwResult = (*ppEapError)->dwWinError; - } else - dwResult = ERROR_INVALID_DATA; - } + else if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(ppUIContextData, pdwUIContextDataSize, ppEapError)) { + if (*ppEapError) { + g_peer.log_error(*ppEapError); + dwResult = (*ppEapError)->dwWinError; + } else + dwResult = ERROR_INVALID_DATA; } return dwResult; 
@@ -555,17 +542,12 @@ DWORD APIENTRY EapPeerSetUIContext( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUIContextData is NULL."))); else if (!pEapOutput) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapOutput is NULL."))); - else { - _EAPMETHOD_SESSION::interactive_response_type res; - if (!g_peer.unpack(res, pUIContextData, dwUIContextDataSize, ppEapError) || - !static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(res, pEapOutput, ppEapError)) - { - if (*ppEapError) { - g_peer.log_error(*ppEapError); - dwResult = (*ppEapError)->dwWinError; - } else - dwResult = ERROR_INVALID_DATA; - } + else if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(pUIContextData, dwUIContextDataSize, pEapOutput, ppEapError)) { + if (*ppEapError) { + g_peer.log_error(*ppEapError); + dwResult = (*ppEapError)->dwWinError; + } else + dwResult = ERROR_INVALID_DATA; } return dwResult; 
@@ -652,16 +634,16 @@ DWORD APIENTRY EapPeerSetResponseAttributes(_In_ EAP_SESSION_HANDLE hSession, _I /// \sa [EapPeerGetMethodProperties function](https://msdn.microsoft.com/en-us/library/windows/desktop/hh706636.aspx) /// DWORD WINAPI EapPeerGetMethodProperties( - _In_ DWORD dwVersion, - _In_ DWORD dwFlags, - _In_ EAP_METHOD_TYPE eapMethodType, - _In_ HANDLE hUserImpersonationToken, - _In_ DWORD dwEapConnDataSize, - _In_count_(dwEapConnDataSize) const BYTE *pEapConnData, - _In_ DWORD dwUserDataSize, - _In_count_(dwUserDataSize) const BYTE *pUserData, - _Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray, - _Out_ EAP_ERROR **ppEapError) + _In_ DWORD dwVersion, + _In_ DWORD dwFlags, + _In_ EAP_METHOD_TYPE eapMethodType, + _In_ HANDLE hUserImpersonationToken, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwUserDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray, + _Out_ EAP_ERROR **ppEapError) { DWORD dwResult = ERROR_SUCCESS; event_fn_auto_ret event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult)); 
@@ -679,32 +661,18 @@ DWORD WINAPI EapPeerGetMethodProperties( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str())); else if (eapMethodType.dwAuthorId != 67532) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str())); - else if (!pEapConnData && dwEapConnDataSize) - g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConnData is NULL."))); + else if (!pConnectionData && dwConnectionDataSize) + g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionData is NULL."))); else if (!pUserData && dwUserDataSize) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUserData is NULL."))); else if (!pMethodPropertyArray) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pMethodPropertyArray is NULL."))); - else { - eap::config_providers cfg(&g_peer); - _EAPMETHOD_PEER::credentials_type cred(&g_peer); - if (!g_peer.unpack(cfg, pEapConnData, dwEapConnDataSize, ppEapError) || - !g_peer.unpack(cred, pUserData, dwUserDataSize, ppEapError) || - !g_peer.get_method_properties( - dwVersion, - dwFlags, - hUserImpersonationToken, - cfg, - cred, - pMethodPropertyArray, - ppEapError)) - { - if (*ppEapError) { - g_peer.log_error(*ppEapError); - dwResult = (*ppEapError)->dwWinError; - } else - dwResult = ERROR_INVALID_DATA; - } + else if (!g_peer.get_method_properties(dwVersion, dwFlags, hUserImpersonationToken, pConnectionData, dwConnectionDataSize, pUserData, dwUserDataSize, 
pMethodPropertyArray, ppEapError)) { + if (*ppEapError) { + g_peer.log_error(*ppEapError); + dwResult = (*ppEapError)->dwWinError; + } else + dwResult = ERROR_INVALID_DATA; } return dwResult; @@ -717,14 +685,14 @@ DWORD WINAPI EapPeerGetMethodProperties( /// \sa [EapPeerCredentialsXml2Blob function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363603.aspx) /// DWORD WINAPI EapPeerCredentialsXml2Blob( - _In_ DWORD dwFlags, - _In_ EAP_METHOD_TYPE eapMethodType, - _In_ IXMLDOMDocument2 *pCredentialsDoc, - _In_count_(dwConfigInSize) const BYTE *pConfigIn, - _In_ DWORD dwConfigInSize, - _Out_ BYTE **ppCredentialsOut, - _Out_ DWORD *pdwCredentialsOutSize, - _Out_ EAP_ERROR **ppEapError) + _In_ DWORD dwFlags, + _In_ EAP_METHOD_TYPE eapMethodType, + _In_ IXMLDOMDocument2 *pCredentialsDoc, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _Out_ BYTE **ppCredentialsOut, + _Out_ DWORD *pdwCredentialsOutSize, + _Out_ EAP_ERROR **ppEapError) { DWORD dwResult = ERROR_SUCCESS; event_fn_auto_ret event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult)); 
@@ -744,17 +712,13 @@ DWORD WINAPI EapPeerCredentialsXml2Blob( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str())); else if (!pCredentialsDoc) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pCredentialsDoc is NULL."))); - else if (!pConfigIn && dwConfigInSize) - g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConfigIn is NULL."))); + else if (!pConnectionData && dwConnectionDataSize) + g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionData is NULL."))); else if (!ppCredentialsOut) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppCredentialsOut is NULL."))); else if (!pdwCredentialsOutSize) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwCredentialsOutSize is NULL."))); else { - UNREFERENCED_PARAMETER(dwFlags); - UNREFERENCED_PARAMETER(pConfigIn); - UNREFERENCED_PARAMETER(dwConfigInSize); - // com_obj pXmlElCredentials; if ((dwResult = eapxml::select_node(pCredentialsDoc, bstr(L"//EapHostUserCredentials/Credentials"), &pXmlElCredentials)) != ERROR_SUCCESS) { 
@@ -764,10 +728,7 @@ DWORD WINAPI EapPeerCredentialsXml2Blob( // Load credentials. pCredentialsDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\"")); - _EAPMETHOD_PEER::credentials_type cred(&g_peer); - if (!cred.load(pXmlElCredentials, ppEapError) || - !g_peer.pack(cred, ppCredentialsOut, pdwCredentialsOutSize, ppEapError)) - { + if (!g_peer.credentials_xml2blob(dwFlags, pXmlElCredentials, pConnectionData, dwConnectionDataSize, ppCredentialsOut, pdwCredentialsOutSize, ppEapError)) { if (*ppEapError) { g_peer.log_error(*ppEapError); return dwResult = (*ppEapError)->dwWinError; @@ -786,13 +747,13 @@ DWORD WINAPI EapPeerCredentialsXml2Blob( /// \sa [EapPeerQueryCredentialInputFields function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363622.aspx) /// DWORD WINAPI EapPeerQueryCredentialInputFields( - _In_ HANDLE hUserImpersonationToken, - _In_ EAP_METHOD_TYPE eapMethodType, - _In_ DWORD dwFlags, - _In_ DWORD dwEapConnDataSize, - _In_count_(dwEapConnDataSize) const BYTE *pEapConnData, - _Out_ EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldsArray, - _Out_ EAP_ERROR **ppEapError) + _In_ HANDLE hUserImpersonationToken, + _In_ EAP_METHOD_TYPE eapMethodType, + _In_ DWORD dwFlags, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _Out_ EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldsArray, + _Out_ EAP_ERROR **ppEapError) { DWORD dwResult = ERROR_SUCCESS; event_fn_auto_ret event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult)); 
@@ -810,16 +771,16 @@ DWORD WINAPI EapPeerQueryCredentialInputFields( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str())); else if (eapMethodType.dwAuthorId != 67532) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str())); - else if (!pEapConnData && dwEapConnDataSize) - g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConnData is NULL."))); + else if (!pConnectionData && dwConnectionDataSize) + g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionData is NULL."))); else if (!pEapConfigInputFieldsArray) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConfigInputFieldsArray is NULL."))); else { if (!g_peer.query_credential_input_fields( hUserImpersonationToken, dwFlags, - dwEapConnDataSize, - pEapConnData, + dwConnectionDataSize, + pConnectionData, pEapConfigInputFieldsArray, ppEapError)) { 
@@ -841,15 +802,15 @@ DWORD WINAPI EapPeerQueryCredentialInputFields( /// \sa [EapPeerQueryUserBlobFromCredentialInputFields function](https://msdn.microsoft.com/en-us/library/windows/desktop/bb204697.aspx) /// DWORD WINAPI EapPeerQueryUserBlobFromCredentialInputFields( - _In_ HANDLE hUserImpersonationToken, - _In_ EAP_METHOD_TYPE eapMethodType, - _In_ DWORD dwFlags, - _In_ DWORD dwEapConnDataSize, - _In_count_(dwEapConnDataSize) const BYTE *pEapConnData, - _In_ const EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldArray, - _Inout_ DWORD *pdwUsersBlobSize, - _Inout_ BYTE **ppUserBlob, - _Out_ EAP_ERROR **ppEapError) + _In_ HANDLE hUserImpersonationToken, + _In_ EAP_METHOD_TYPE eapMethodType, + _In_ DWORD dwFlags, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ const EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldArray, + _Inout_ DWORD *pdwUsersBlobSize, + _Inout_ BYTE **ppUserBlob, + _Out_ EAP_ERROR **ppEapError) { DWORD dwResult = ERROR_SUCCESS; event_fn_auto_ret event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult)); 
@@ -867,8 +828,8 @@ DWORD WINAPI EapPeerQueryUserBlobFromCredentialInputFields( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str())); else if (eapMethodType.dwAuthorId != 67532) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str())); - else if (!pEapConnData && dwEapConnDataSize) - g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConnData is NULL."))); + else if (!pConnectionData && dwConnectionDataSize) + g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionData is NULL."))); else if (!pEapConfigInputFieldArray) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConfigInputFieldArray is NULL."))); else if (!pdwUsersBlobSize) @@ -879,8 +840,8 @@ DWORD WINAPI EapPeerQueryUserBlobFromCredentialInputFields( if (!g_peer.query_user_blob_from_credential_input_fields( hUserImpersonationToken, dwFlags, - dwEapConnDataSize, - pEapConnData, + dwConnectionDataSize, + pConnectionData, pEapConfigInputFieldArray, pdwUsersBlobSize, ppUserBlob, diff --git a/EAPMethods/src/Main_UI.cpp b/EAPMethods/src/Main_UI.cpp index 6f9cf9a..055b111 100644 --- a/EAPMethods/src/Main_UI.cpp +++ b/EAPMethods/src/Main_UI.cpp 
@@ -103,8 +103,8 @@ DWORD WINAPI EapPeerConfigXml2Blob( _In_ DWORD dwFlags, _In_ EAP_METHOD_TYPE eapMethodType, _In_ IXMLDOMDocument2 *pConfigDoc, - _Out_ BYTE **ppConfigOut, - _Out_ DWORD *pdwConfigOutSize, + _Out_ BYTE **pConnectionDataOut, + _Out_ DWORD *pdwConnectionDataOutSize, _Out_ EAP_ERROR **ppEapError) { DWORD dwResult = ERROR_SUCCESS; @@ -125,13 +125,11 @@ DWORD WINAPI EapPeerConfigXml2Blob( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str())); else if (!pConfigDoc) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConfigDoc is NULL."))); - else if (!ppConfigOut) - g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppConfigOut is NULL."))); - else if (!pdwConfigOutSize) - g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwConfigOutSize is NULL."))); + else if (!pConnectionDataOut) + g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionDataOut is NULL."))); + else if (!pdwConnectionDataOutSize) + g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwConnectionDataOutSize is NULL."))); else { - UNREFERENCED_PARAMETER(dwFlags); - // pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\"")); com_obj pXmlElConfig; 
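Review bot: `pConnectionDataOut` is declared `BYTE **` but has lost the `pp` prefix that the old name `ppConfigOut` carried, while EapPeerInvokeConfigUI in this same file calls the equivalent out-parameter `ppConnectionDataOut`. I would declare it as `_Out_ BYTE **ppConnectionDataOut` and update the NULL check and its message in the second hunk to `" ppConnectionDataOut is NULL."`. A name that matches the pointer depth makes the later allocate-and-store code easier to audit. The function body continues outside both hunks.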
@@ -142,10 +140,7 @@ DWORD WINAPI EapPeerConfigXml2Blob( // Load configuration. pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\"")); - eap::config_providers cfg(&g_peer); - if (!cfg.load(pXmlElConfig, ppEapError) || - !g_peer.pack(cfg, ppConfigOut, pdwConfigOutSize, ppEapError)) - { + if (!g_peer.config_xml2blob(dwFlags, pXmlElConfig, pConnectionDataOut, pdwConnectionDataOutSize, ppEapError)) { if (*ppEapError) { g_peer.log_error(*ppEapError); return dwResult = (*ppEapError)->dwWinError; @@ -166,12 +161,12 @@ DWORD WINAPI EapPeerConfigXml2Blob( /// \sa [EapPeerConfigBlob2Xml function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363601.aspx) /// DWORD WINAPI EapPeerConfigBlob2Xml( - _In_ DWORD dwFlags, - _In_ EAP_METHOD_TYPE eapMethodType, - _In_count_(dwConfigInSize) const BYTE *pConfigIn, - _In_ DWORD dwConfigInSize, - _Out_ IXMLDOMDocument2 **ppConfigDoc, - _Out_ EAP_ERROR **ppEapError) + _In_ DWORD dwFlags, + _In_ EAP_METHOD_TYPE eapMethodType, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _Out_ IXMLDOMDocument2 **ppConfigDoc, + _Out_ EAP_ERROR **ppEapError) { DWORD dwResult = ERROR_SUCCESS; event_fn_auto_ret event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult)); 
@@ -189,24 +184,13 @@ DWORD WINAPI EapPeerConfigBlob2Xml( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str())); else if (eapMethodType.dwAuthorId != 67532) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str())); - else if (!pConfigIn && dwConfigInSize) - g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConfigIn is NULL."))); + else if (!pConnectionData && dwConnectionDataSize) + g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionData is NULL."))); else if (!ppConfigDoc) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppConfigDoc is NULL."))); else { - UNREFERENCED_PARAMETER(dwFlags); HRESULT hr; - // Unpack configuration. - eap::config_providers cfg(&g_peer); - if (!g_peer.unpack(cfg, pConfigIn, dwConfigInSize, ppEapError)) { - if (*ppEapError) { - g_peer.log_error(*ppEapError); - return dwResult = (*ppEapError)->dwWinError; - } else - return dwResult = ERROR_INVALID_DATA; - } - // Create configuration XML document. com_obj pDoc; if (FAILED(hr = pDoc.create(CLSID_DOMDocument60, NULL, CLSCTX_INPROC_SERVER))) { 
@@ -235,9 +219,9 @@ DWORD WINAPI EapPeerConfigBlob2Xml( return dwResult; } - // Save all providers. + // Save configuration. pDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\"")); - if (!cfg.save(pDoc, pXmlElConfig, ppEapError)) { + if (!g_peer.config_blob2xml(dwFlags, pConnectionData, dwConnectionDataSize, pDoc, pXmlElConfig, ppEapError)) { if (*ppEapError) { g_peer.log_error(*ppEapError); return dwResult = (*ppEapError)->dwWinError; @@ -293,18 +277,12 @@ DWORD WINAPI EapPeerInvokeConfigUI( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwConnectionDataOutSize is NULL."))); else if (!ppConnectionDataOut) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppConnectionDataOut is NULL."))); - else { - eap::config_providers cfg(&g_peer); - if (dwConnectionDataInSize && !g_peer.unpack(cfg, pConnectionDataIn, dwConnectionDataInSize, ppEapError) || - !g_peer.invoke_config_ui(hwndParent, cfg, ppEapError) || - !g_peer.pack(cfg, ppConnectionDataOut, pdwConnectionDataOutSize, ppEapError)) - { - if (*ppEapError) { - g_peer.log_error(*ppEapError); - return dwResult = (*ppEapError)->dwWinError; - } else - return dwResult = ERROR_INVALID_DATA; - } + else if (!g_peer.invoke_config_ui(hwndParent, pConnectionDataIn, dwConnectionDataInSize, ppConnectionDataOut, pdwConnectionDataOutSize, ppEapError)) { + if (*ppEapError) { + g_peer.log_error(*ppEapError); + return dwResult = (*ppEapError)->dwWinError; + } else + return dwResult = ERROR_INVALID_DATA; } return dwResult; 
@@ -358,20 +336,12 @@ DWORD WINAPI EapPeerInvokeIdentityUI( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUserDataOut is NULL."))); else if (!ppwszIdentity) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppwszIdentity is NULL."))); - else { - eap::config_providers cfg(&g_peer); - _EAPMETHOD_PEER_UI::credentials_type cred(&g_peer); - if ( !g_peer.unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError) || - dwUserDataSize && !g_peer.unpack(cred, pUserData, dwUserDataSize, ppEapError) || - !g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, cred, ppwszIdentity, ppEapError) || - !g_peer.pack(cred, ppUserDataOut, pdwUserDataOutSize, ppEapError)) - { - if (*ppEapError) { - g_peer.log_error(*ppEapError); - return dwResult = (*ppEapError)->dwWinError; - } else - return dwResult = ERROR_INVALID_DATA; - } + else if (!g_peer.invoke_identity_ui(hwndParent, dwFlags, pConnectionData, dwConnectionDataSize, pUserData, dwUserDataSize, ppUserDataOut, pdwUserDataOutSize, ppwszIdentity, ppEapError)) { + if (*ppEapError) { + g_peer.log_error(*ppEapError); + return dwResult = (*ppEapError)->dwWinError; + } else + return dwResult = ERROR_INVALID_DATA; } return dwResult; 
@@ -417,19 +387,12 @@ DWORD WINAPI EapPeerInvokeInteractiveUI( g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwDataFromInteractiveUISize is NULL."))); else if (!ppDataFromInteractiveUI) g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppDataFromInteractiveUI is NULL."))); - else { - _EAPMETHOD_PEER_UI::interactive_request_type req; - _EAPMETHOD_PEER_UI::interactive_response_type res; - if (!g_peer.unpack(req, pUIContextData, dwUIContextDataSize, ppEapError) || - !g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError) || - !g_peer.pack(res, ppDataFromInteractiveUI, pdwDataFromInteractiveUISize, ppEapError)) - { - if (*ppEapError) { - g_peer.log_error(*ppEapError); - return dwResult = (*ppEapError)->dwWinError; - } else - return dwResult = ERROR_INVALID_DATA; - } + else if (!g_peer.invoke_interactive_ui(hwndParent, pUIContextData, dwUIContextDataSize, ppDataFromInteractiveUI, pdwDataFromInteractiveUISize, ppEapError)) { + if (*ppEapError) { + g_peer.log_error(*ppEapError); + return dwResult = (*ppEapError)->dwWinError; + } else + return dwResult = ERROR_INVALID_DATA; } return dwResult; diff --git a/lib/EAPBase/include/Module.h b/lib/EAPBase/include/Module.h index 6641cf2..3acaf61 100644 --- a/lib/EAPBase/include/Module.h +++ b/lib/EAPBase/include/Module.h @@ -32,7 +32,7 @@ namespace eap /// /// A group of methods all EAP peers must or should implement. /// - template class peer; + class peer; } #pragma once 
@@ -337,8 +337,8 @@ namespace eap assert(res); HGLOBAL res_handle = LoadResource(m_instance, res); assert(res_handle); - crypt_key key_rsa; - unique_ptr > keyinfo_data; + winstd::crypt_key key_rsa; + std::unique_ptr > keyinfo_data; DWORD keyinfo_size = 0; if (!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, (const BYTE*)::LockResource(res_handle), ::SizeofResource(m_instance, res), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size)) { *ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed.")); @@ -350,14 +350,14 @@ namespace eap } // Import the 256-bit AES session key. - crypt_key key_aes; + winstd::crypt_key key_aes; if (!CryptImportKey(hProv, (LPCBYTE)data, 268, key_rsa, 0, &key_aes)) { *ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptImportKey failed.")); return false; } // Decrypt the data using AES session key. - vector > buf; + std::vector > buf; buf.assign((const unsigned char*)data + 268, (const unsigned char*)data + size); if (!CryptDecrypt(key_aes, hHash, TRUE, 0, buf)) { *ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptDecrypt failed.")); @@ -438,7 +438,7 @@ namespace eap bool decrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<_Ty, _Ax> &dec, _Out_ EAP_ERROR **ppEapError) const { // Create hash. - crypt_hash hash; + winstd::crypt_hash hash; if (!hash.create(hProv, CALG_MD5)) { *ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" Creating MD5 hash failed.")); return false; @@ -456,7 +456,7 @@ namespace eap return false; // Calculate MD5 hash and verify it. - vector hash_bin; + std::vector hash_bin; if (!CryptGetHashParam(hash, HP_HASHVAL, hash_bin, 0)) { *ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" Calculating MD5 hash failed.")); return false; 
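Review bot: `CryptImportKey(hProv, (LPCBYTE)data, 268, ...)` and `buf.assign((const unsigned char*)data + 268, (const unsigned char*)data + size)` both assume the encrypted blob holds at least 268 bytes, and no length check is visible in the -350 hunk. If none precedes it outside the hunk, a shorter blob lets the key import read past the buffer and hands `assign` a range whose end lies before its start. Since this path appears to decrypt stored connection and user data, I would guard it before the import with `if (size < 268) { *ppEapError = make_error(ERROR_INVALID_DATA, _T(__FUNCTION__) _T(" Encrypted data too short.")); return false; }`. The literal 268 appears three times and deserves a named constant. The enclosing function starts and ends outside the hunk.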
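Review bot: The verification step in `decrypt_md5` relies on an unkeyed MD5 digest (`hash.create(hProv, CALG_MD5)` in the -438 hunk, `CryptGetHashParam(hash, HP_HASHVAL, ...)` in the -456 hunk), which catches accidental corruption but is not an authentication tag. The doc comment should say so, for example `// MD5 is a corruption check only; it does not authenticate the BLOB`, so that nobody later treats a passing check as proof of origin. If tamper detection is actually a goal here, a keyed MAC would be needed instead. How the stored digest is compared is outside both hunks, so this is worth confirming against the full function.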
@@ -552,7 +552,7 @@ namespace eap } // Decrypt data. - vector > data; + std::vector > data; if (!decrypt_md5(cp, pDataIn, dwDataInSize, data, ppEapError)) return false; @@ -617,7 +617,7 @@ namespace eap *pdwDataOutSize = (DWORD)data_enc.size(); *ppDataOut = alloc_memory(*pdwDataOutSize); if (!*ppDataOut) { - log_error(*ppEapError = g_peer.make_error(ERROR_OUTOFMEMORY, wstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str())); + log_error(*ppEapError = make_error(ERROR_OUTOFMEMORY, winstd::wstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str())); return false; } memcpy(*ppDataOut, data_enc.data(), *pdwDataOutSize); @@ -626,7 +626,7 @@ namespace eap *pdwDataOutSize = (DWORD)pksizeof(record); *ppDataOut = alloc_memory(*pdwDataOutSize); if (!*ppDataOut) { - log_error(*ppEapError = g_peer.make_error(ERROR_OUTOFMEMORY, wstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str())); + log_error(*ppEapError = make_error(ERROR_OUTOFMEMORY, winstd::wstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str())); return false; } @@ -652,32 +652,15 @@ namespace eap }; - template class peer : public module { - public: - /// - /// Credentials data type - /// - typedef _Tcred credentials_type; - - /// - /// Interactive request data type - /// - typedef _Tint interactive_request_type; - - /// - /// Interactive response data type - /// - typedef _Tintres interactive_response_type; - public: /// /// Constructs a EAP peer module for the given EAP type /// /// \param[in] eap_method EAP method type ID /// - peer(_In_ winstd::eap_type_t eap_method) : module(eap_method) {} + peer(_In_ winstd::eap_type_t eap_method); /// /// Initializes an EAP peer method for EAPHost. 
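Review bot: On the allocation-failure path in the -617 and -626 hunks, `*pdwDataOutSize` keeps the requested size while `*ppDataOut` is NULL, so a caller that does not check the return value sees a non-zero length paired with a null buffer. Adding `*pdwDataOutSize = 0;` before `return false;` in both branches keeps the two out-parameters consistent. The `(DWORD)` casts on `data_enc.size()` and `pksizeof(record)` also truncate silently if the size ever exceeds the DWORD range; a range check before the cast would make that an explicit error. The enclosing function starts outside the hunks.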
@@ -711,14 +694,17 @@ namespace eap /// - \c false otherwise. See \p ppEapError for details. /// virtual bool get_identity( - _In_ DWORD dwFlags, - _In_ const config_providers &cfg, - _In_opt_ const credentials_type *cred_in, - _Inout_ credentials_type &cred_out, - _In_ HANDLE hTokenImpersonateUser, - _Out_ BOOL *pfInvokeUI, - _Out_ WCHAR **ppwszIdentity, - _Out_ EAP_ERROR **ppEapError) = 0; + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ BYTE **ppUserDataOut, + _Out_ DWORD *pdwUserDataOutSize, + _In_ HANDLE hTokenImpersonateUser, + _Out_ BOOL *pfInvokeUI, + _Out_ WCHAR **ppwszIdentity, + _Out_ EAP_ERROR **ppEapError) = 0; /// /// Defines the implementation of an EAP method-specific function that retrieves the properties of an EAP method given the connection and user data. 
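Review bot: The old signature marked the input credentials as optional (`_In_opt_ const credentials_type *cred_in`), but the replacement `pUserData` is annotated `_In_count_(dwUserDataSize)`, which tells static analysis the pointer is never NULL. The caller code removed in Main.cpp accepted `dwUserDataSize == 0`, so overrides can presumably still be handed an empty or NULL user blob. I would annotate it `_In_opt_count_(dwUserDataSize) const BYTE *pUserData` and state in the doc comment that an empty blob means no stored credentials and that the override must unpack and validate both blobs itself. The `get_method_properties` declaration in the next hunk has the same gap.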
@@ -730,13 +716,29 @@ namespace eap /// - \c false otherwise. See \p ppEapError for details. /// virtual bool get_method_properties( - _In_ DWORD dwVersion, - _In_ DWORD dwFlags, - _In_ HANDLE hUserImpersonationToken, - _In_ const config_providers &cfg, - _In_ const credentials_type &cred, - _Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray, - _Out_ EAP_ERROR **ppEapError) = 0; + _In_ DWORD dwVersion, + _In_ DWORD dwFlags, + _In_ HANDLE hUserImpersonationToken, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray, + _Out_ EAP_ERROR **ppEapError) = 0; + + /// + /// Converts XML into the configuration BLOB. The XML based credentials can come from group policy or from a system administrator. + /// + /// \sa [EapPeerCredentialsXml2Blob function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363603.aspx) + /// + virtual bool credentials_xml2blob( + _In_ DWORD dwFlags, + _In_ IXMLDOMNode *pConfigRoot, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _Out_ BYTE **ppCredentialsOut, + _Out_ DWORD *pdwCredentialsOutSize, + _Out_ EAP_ERROR **ppEapError) = 0; /// /// Defines the implementation of an EAP method-specific function that obtains the EAP Single-Sign-On (SSO) credential input fields for an EAP method. 
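Review bot: The doc comment on the new `credentials_xml2blob` says it converts XML into the configuration BLOB and names the node parameter `pConfigRoot`, yet the method writes to `ppCredentialsOut` and its caller in Main.cpp passes `pXmlElCredentials`. This looks copied from the configuration counterpart. I would reword it to `/// Converts XML into the credentials BLOB.` and rename the parameter to `pCredentialsRoot`. It should also get the return-value description the neighbouring declarations carry, plus a line saying whether `pConnectionData` is unpacked and validated inside the override.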
@@ -748,23 +750,12 @@ namespace eap /// - \c false otherwise. See \p ppEapError for details. /// virtual bool query_credential_input_fields( - _In_ HANDLE hUserImpersonationToken, - _In_ DWORD dwFlags, - _In_ DWORD dwEapConnDataSize, - _In_count_(dwEapConnDataSize) const BYTE *pEapConnData, - _Out_ EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldsArray, - _Out_ EAP_ERROR **ppEapError) const - { - UNREFERENCED_PARAMETER(hUserImpersonationToken); - UNREFERENCED_PARAMETER(dwFlags); - UNREFERENCED_PARAMETER(dwEapConnDataSize); - UNREFERENCED_PARAMETER(pEapConnData); - UNREFERENCED_PARAMETER(pEapConfigInputFieldsArray); - UNREFERENCED_PARAMETER(ppEapError); - - *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported.")); - return false; - } + _In_ HANDLE hUserImpersonationToken, + _In_ DWORD dwFlags, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _Out_ EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldsArray, + _Out_ EAP_ERROR **ppEapError) const; /// /// Defines the implementation of an EAP method function that obtains the user BLOB data provided in an interactive Single-Sign-On (SSO) UI raised on the supplicant. 
@@ -776,27 +767,14 @@ namespace eap /// - \c false otherwise. See \p ppEapError for details. /// virtual bool query_user_blob_from_credential_input_fields( - _In_ HANDLE hUserImpersonationToken, - _In_ DWORD dwFlags, - _In_ DWORD dwEapConnDataSize, - _In_count_(dwEapConnDataSize) const BYTE *pEapConnData, - _In_ const EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldArray, - _Inout_ DWORD *pdwUsersBlobSize, - _Inout_ BYTE **ppUserBlob, - _Out_ EAP_ERROR **ppEapError) const - { - UNREFERENCED_PARAMETER(hUserImpersonationToken); - UNREFERENCED_PARAMETER(dwFlags); - UNREFERENCED_PARAMETER(dwEapConnDataSize); - UNREFERENCED_PARAMETER(pEapConnData); - UNREFERENCED_PARAMETER(pEapConfigInputFieldArray); - UNREFERENCED_PARAMETER(pdwUsersBlobSize); - UNREFERENCED_PARAMETER(ppUserBlob); - UNREFERENCED_PARAMETER(ppEapError); - - *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported.")); - return false; - } + _In_ HANDLE hUserImpersonationToken, + _In_ DWORD dwFlags, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ const EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldArray, + _Inout_ DWORD *pdwUsersBlobSize, + _Inout_ BYTE **ppUserBlob, + _Out_ EAP_ERROR **ppEapError) const; /// /// Defines the implementation of an EAP method API that provides the input fields for interactive UI components to be raised on the supplicant. 
@@ -814,19 +792,7 @@ namespace eap _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, _Out_ EAP_INTERACTIVE_UI_DATA *pEapInteractiveUIData, _Out_ EAP_ERROR **ppEapError, - _Inout_ LPVOID *pvReserved) const - { - UNREFERENCED_PARAMETER(dwVersion); - UNREFERENCED_PARAMETER(dwFlags); - UNREFERENCED_PARAMETER(dwUIContextDataSize); - UNREFERENCED_PARAMETER(pUIContextData); - UNREFERENCED_PARAMETER(pEapInteractiveUIData); - UNREFERENCED_PARAMETER(ppEapError); - UNREFERENCED_PARAMETER(pvReserved); - - *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported.")); - return false; - } + _Inout_ LPVOID *pvReserved) const; /// /// Converts user information into a user BLOB that can be consumed by EAPHost run-time functions. @@ -846,20 +812,6 @@ namespace eap _Out_ DWORD *pdwDataFromInteractiveUISize, _Out_ BYTE **ppDataFromInteractiveUI, _Out_ EAP_ERROR **ppEapError, - _Inout_ LPVOID *ppvReserved) const - { - UNREFERENCED_PARAMETER(dwVersion); - UNREFERENCED_PARAMETER(dwFlags); - UNREFERENCED_PARAMETER(dwUIContextDataSize); - UNREFERENCED_PARAMETER(pUIContextData); - UNREFERENCED_PARAMETER(pEapInteractiveUIData); - UNREFERENCED_PARAMETER(pdwDataFromInteractiveUISize); - UNREFERENCED_PARAMETER(ppDataFromInteractiveUI); - UNREFERENCED_PARAMETER(ppEapError); - UNREFERENCED_PARAMETER(ppvReserved); - - *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported.")); - return false; - } + _Inout_ LPVOID *ppvReserved) const; }; } diff --git a/lib/EAPBase/include/Session.h b/lib/EAPBase/include/Session.h index f5c883c..4ed8dda 100644 --- a/lib/EAPBase/include/Session.h +++ b/lib/EAPBase/include/Session.h @@ -56,11 +56,6 @@ namespace eap /// typedef _Tint interactive_request_type; - /// - /// Interactive response data type - /// - typedef _Tintres interactive_response_type; - public: /// /// Constructs a session 
@@ -264,13 +259,11 @@ namespace eap /// - \c false otherwise. See \p ppEapError for details. /// virtual bool get_ui_context( - _Out_ interactive_request_type &req, + _Out_ BYTE **ppUIContextData, + _Out_ DWORD *pdwUIContextDataSize, _Out_ EAP_ERROR **ppEapError) { - UNREFERENCED_PARAMETER(ppEapError); - - req = m_intreq; - return true; + return m_module->pack(m_intreq, ppUIContextData, pdwUIContextDataSize, ppEapError); } @@ -286,11 +279,13 @@ namespace eap /// - \c false otherwise. See \p ppEapError for details. /// virtual bool set_ui_context( - _In_ const interactive_response_type &res, - _In_ const EapPeerMethodOutput *pEapOutput, - _Out_ EAP_ERROR **ppEapError) + _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, + _In_ DWORD dwUIContextDataSize, + _In_ const EapPeerMethodOutput *pEapOutput, + _Out_ EAP_ERROR **ppEapError) { - UNREFERENCED_PARAMETER(res); + UNREFERENCED_PARAMETER(pUIContextData); + UNREFERENCED_PARAMETER(dwUIContextDataSize); UNREFERENCED_PARAMETER(pEapOutput); assert(ppEapError); diff --git a/lib/EAPBase/src/Module.cpp b/lib/EAPBase/src/Module.cpp index 97bde77..93f0f87 100644 --- a/lib/EAPBase/src/Module.cpp +++ b/lib/EAPBase/src/Module.cpp 
@@ -212,3 +212,104 @@ bool eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const enc.insert(enc.end(), hash_bin.begin(), hash_bin.end()); return true; } + + +////////////////////////////////////////////////////////////////////// +// eap::peer +////////////////////////////////////////////////////////////////////// + +eap::peer::peer(_In_ eap_type_t eap_method) : module(eap_method) +{ +} + + +bool eap::peer::query_credential_input_fields( + _In_ HANDLE hUserImpersonationToken, + _In_ DWORD dwFlags, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _Out_ EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldsArray, + _Out_ EAP_ERROR **ppEapError) const +{ + UNREFERENCED_PARAMETER(hUserImpersonationToken); + UNREFERENCED_PARAMETER(dwFlags); + UNREFERENCED_PARAMETER(dwConnectionDataSize); + UNREFERENCED_PARAMETER(pConnectionData); + UNREFERENCED_PARAMETER(pEapConfigInputFieldsArray); + UNREFERENCED_PARAMETER(ppEapError); + + *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported.")); + return false; +} + + +bool eap::peer::query_user_blob_from_credential_input_fields( + _In_ HANDLE hUserImpersonationToken, + _In_ DWORD dwFlags, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ const EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldArray, + _Inout_ DWORD *pdwUsersBlobSize, + _Inout_ BYTE **ppUserBlob, + _Out_ EAP_ERROR **ppEapError) const +{ + UNREFERENCED_PARAMETER(hUserImpersonationToken); + UNREFERENCED_PARAMETER(dwFlags); + UNREFERENCED_PARAMETER(dwConnectionDataSize); + UNREFERENCED_PARAMETER(pConnectionData); + UNREFERENCED_PARAMETER(pEapConfigInputFieldArray); + UNREFERENCED_PARAMETER(pdwUsersBlobSize); + UNREFERENCED_PARAMETER(ppUserBlob); + UNREFERENCED_PARAMETER(ppEapError); + + *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported.")); + return false; +} + + +bool 
eap::peer::query_interactive_ui_input_fields( + _In_ DWORD dwVersion, + _In_ DWORD dwFlags, + _In_ DWORD dwUIContextDataSize, + _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, + _Out_ EAP_INTERACTIVE_UI_DATA *pEapInteractiveUIData, + _Out_ EAP_ERROR **ppEapError, + _Inout_ LPVOID *pvReserved) const +{ + UNREFERENCED_PARAMETER(dwVersion); + UNREFERENCED_PARAMETER(dwFlags); + UNREFERENCED_PARAMETER(dwUIContextDataSize); + UNREFERENCED_PARAMETER(pUIContextData); + UNREFERENCED_PARAMETER(pEapInteractiveUIData); + UNREFERENCED_PARAMETER(ppEapError); + UNREFERENCED_PARAMETER(pvReserved); + + *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported.")); + return false; +} + + +bool eap::peer::query_ui_blob_from_interactive_ui_input_fields( + _In_ DWORD dwVersion, + _In_ DWORD dwFlags, + _In_ DWORD dwUIContextDataSize, + _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, + _In_ const EAP_INTERACTIVE_UI_DATA *pEapInteractiveUIData, + _Out_ DWORD *pdwDataFromInteractiveUISize, + _Out_ BYTE **ppDataFromInteractiveUI, + _Out_ EAP_ERROR **ppEapError, + _Inout_ LPVOID *ppvReserved) const +{ + UNREFERENCED_PARAMETER(dwVersion); + UNREFERENCED_PARAMETER(dwFlags); + UNREFERENCED_PARAMETER(dwUIContextDataSize); + UNREFERENCED_PARAMETER(pUIContextData); + UNREFERENCED_PARAMETER(pEapInteractiveUIData); + UNREFERENCED_PARAMETER(pdwDataFromInteractiveUISize); + UNREFERENCED_PARAMETER(ppDataFromInteractiveUI); + UNREFERENCED_PARAMETER(ppEapError); + UNREFERENCED_PARAMETER(ppvReserved); + + *ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported.")); + return false; +} diff --git a/lib/EAPBase_UI/build/EAPBase_UI.vcxproj b/lib/EAPBase_UI/build/EAPBase_UI.vcxproj index 1fed951..529879a 100644 --- a/lib/EAPBase_UI/build/EAPBase_UI.vcxproj +++ b/lib/EAPBase_UI/build/EAPBase_UI.vcxproj @@ -87,6 +87,7 @@ + Create Create 
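Review bot: In all four `eap::peer` default implementations added in this hunk, `ppEapError` is listed under `UNREFERENCED_PARAMETER` and then dereferenced two lines later by `*ppEapError = make_error(...)`, with no check that it is non-NULL. The macro is misleading for a parameter that is used, and `peer_ttls::get_identity` elsewhere in this diff guards the same pointer with `assert(ppEapError);`. I would replace `UNREFERENCED_PARAMETER(ppEapError);` with `assert(ppEapError);` in each of the four bodies, so the contract is stated and debug builds catch a NULL error pointer before the write.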
diff --git a/lib/EAPBase_UI/build/EAPBase_UI.vcxproj.filters b/lib/EAPBase_UI/build/EAPBase_UI.vcxproj.filters index 4862324..bdc70fe 100644 --- a/lib/EAPBase_UI/build/EAPBase_UI.vcxproj.filters +++ b/lib/EAPBase_UI/build/EAPBase_UI.vcxproj.filters @@ -38,6 +38,9 @@ Source Files + + Source Files + diff --git a/lib/EAPBase_UI/include/Module.h b/lib/EAPBase_UI/include/Module.h index 26d246c..a26091a 100644 --- a/lib/EAPBase_UI/include/Module.h +++ b/lib/EAPBase_UI/include/Module.h @@ -21,11 +21,11 @@ namespace eap { /// - /// EAP UI peer base abstract class template + /// EAP UI peer base abstract class /// /// A group of methods all EAP UI peers must or should implement. /// - template class peer_ui; + class peer_ui; } #pragma once 
@@ -35,93 +35,96 @@ namespace eap namespace eap { - template class peer_ui : public module { - public: - /// - /// Credentials data type - /// - typedef _Tcred credentials_type; - - /// - /// Interactive request data type - /// - typedef _Tint interactive_request_type; - - /// - /// Interactive response data type - /// - typedef _Tintres interactive_response_type; - public: /// /// Constructs a EAP UI peer module for the given EAP type /// /// \param[in] eap_method EAP method type ID /// - peer_ui(_In_ winstd::eap_type_t eap_method) : module(eap_method) {} + peer_ui(_In_ winstd::eap_type_t eap_method); + + /// + /// Converts XML into the configuration BLOB. + /// + /// \sa [EapPeerConfigXml2Blob function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363602.aspx) + /// + virtual bool config_xml2blob( + _In_ DWORD dwFlags, + _In_ IXMLDOMNode *pConfigRoot, + _Out_ BYTE **pConnectionDataOut, + _Out_ DWORD *pdwConnectionDataOutSize, + _Out_ EAP_ERROR **ppEapError) = 0; + + /// + /// Converts the configuration BLOB to XML. + /// + /// The configuration BLOB is returned in the ppConnectionDataOut parameter of the EapPeerInvokeConfigUI function. + /// + /// \sa [EapPeerConfigBlob2Xml function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363601.aspx) + /// + virtual bool config_blob2xml( + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_ IXMLDOMDocument *pDoc, + _In_ IXMLDOMNode *pConfigRoot, + _Out_ EAP_ERROR **ppEapError) = 0; /// /// Raises the EAP method's specific connection configuration user interface dialog on the client. /// /// \sa [EapPeerInvokeConfigUI function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363614.aspx) /// - /// \param[in] hwndParent Parent window - /// \param[inout] cfg Configuration to edit - /// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`. 
- /// /// \returns /// - \c true if succeeded /// - \c false otherwise. See \p ppEapError for details. /// virtual bool invoke_config_ui( - _In_ HWND hwndParent, - _Inout_ config_providers &cfg, - _Out_ EAP_ERROR **ppEapError) = 0; + _In_ HWND hwndParent, + _In_count_(dwConnectionDataInSize) const BYTE *pConnectionDataIn, + _In_ DWORD dwConnectionDataInSize, + _Out_ BYTE **ppConnectionDataOut, + _Out_ DWORD *pdwConnectionDataOutSize, + _Out_ EAP_ERROR **ppEapError) = 0; /// /// Raises a custom interactive user interface dialog to obtain user identity information for the EAP method on the client. /// /// \sa [EapPeerInvokeIdentityUI function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363615.aspx) /// - /// \param[in] hwndParent Parent window - /// \param[in] dwFlags Flags passed to `EapPeerInvokeIdentityUI()` call - /// \param[inout] cfg Configuration - /// \param[inout] cred User credentials to edit - /// \param[out] ppwszIdentity Pointer to user identity. Free using `module::free_memory()`. - /// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`. - /// /// \returns /// - \c true if succeeded /// - \c false otherwise. See \p ppEapError for details. /// virtual bool invoke_identity_ui( - _In_ HWND hwndParent, - _In_ DWORD dwFlags, - _Inout_ config_providers &cfg, - _Inout_ credentials_type &cred, - _Out_ LPWSTR *ppwszIdentity, - _Out_ EAP_ERROR **ppEapError) = 0; + _In_ HWND hwndParent, + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ BYTE **ppUserDataOut, + _Out_ DWORD *pdwUserDataOutSize, + _Out_ LPWSTR *ppwszIdentity, + _Out_ EAP_ERROR **ppEapError) = 0; /// /// Raises a custom interactive user interface dialog for the EAP method on the client. 
/// /// \sa [EapPeerInvokeInteractiveUI function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363616.aspx) /// - /// \param[in] hwndParent Parent window - /// \param[in] req Interactive request - /// \param[out] res Interactive response - /// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`. - /// /// \returns /// - \c true if succeeded /// - \c false otherwise. See \p ppEapError for details. /// virtual bool invoke_interactive_ui( - _In_ HWND hwndParent, - _In_ const interactive_request_type &req, - _Out_ interactive_response_type &res, - _Out_ EAP_ERROR **ppEapError) = 0; + _In_ HWND hwndParent, + _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, + _In_ DWORD dwUIContextDataSize, + _Out_ BYTE **ppDataFromInteractiveUI, + _Out_ DWORD *pdwDataFromInteractiveUISize, + _Out_ EAP_ERROR **ppEapError) = 0; }; } diff --git a/lib/EAPBase_UI/src/Module.cpp b/lib/EAPBase_UI/src/Module.cpp new file mode 100644 index 0000000..a600c65 --- /dev/null +++ b/lib/EAPBase_UI/src/Module.cpp 
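Review bot: The `\param` blocks deleted from `invoke_config_ui`, `invoke_identity_ui` and `invoke_interactive_ui` are not replaced, so the new BLOB parameters are undocumented and the ownership rule the old text carried ("Free using `module::free_memory()`") is gone. These methods now hand heap buffers back through `ppConnectionDataOut`, `ppUserDataOut` and `ppDataFromInteractiveUI`, so the header should say who allocates and who frees each one, and that the size argument is the only bound on the matching input pointer. One line per out-parameter would do, for example `/// \param[out] ppConnectionDataOut Packed configuration BLOB; free using module::free_memory()`; the allocator named there comes from the removed comments and should be confirmed against `pack()`. The `peer_ttls_ui` declarations in lib/TTLS_UI/include/Module.h lose the same blocks, and `config_xml2blob`/`config_blob2xml` are added without `\param` or `\returns`.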
@@ -0,0 +1,32 @@ +/* + Copyright 2015-2016 Amebis + Copyright 2016 GÉANT + + This file is part of GÉANTLink. + + GÉANTLink is free software: you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + GÉANTLink is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GÉANTLink. If not, see . +*/ + +#include "StdAfx.h" + +using namespace std; +using namespace winstd; + +////////////////////////////////////////////////////////////////////// +// eap::peer_ui +////////////////////////////////////////////////////////////////////// + +eap::peer_ui::peer_ui(_In_ eap_type_t eap_method) : module(eap_method) +{ +} diff --git a/lib/TTLS/include/Module.h b/lib/TTLS/include/Module.h index a454d3a..18f4229 100644 --- a/lib/TTLS/include/Module.h +++ b/lib/TTLS/include/Module.h @@ -35,7 +35,7 @@ namespace eap namespace eap { - class peer_ttls : public peer + class peer_ttls : public peer { public: /// 
@@ -80,14 +80,17 @@ namespace eap /// - \c false otherwise. See \p ppEapError for details. /// virtual bool get_identity( - _In_ DWORD dwFlags, - _In_ const config_providers &cfg, - _In_opt_ const credentials_type *cred_in, - _Inout_ credentials_type &cred_out, - _In_ HANDLE hTokenImpersonateUser, - _Out_ BOOL *pfInvokeUI, - _Out_ WCHAR **ppwszIdentity, - _Out_ EAP_ERROR **ppEapError); + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ BYTE **ppUserDataOut, + _Out_ DWORD *pdwUserDataOutSize, + _In_ HANDLE hTokenImpersonateUser, + _Out_ BOOL *pfInvokeUI, + _Out_ WCHAR **ppwszIdentity, + _Out_ EAP_ERROR **ppEapError); /// /// Defines the implementation of an EAP method-specific function that retrieves the properties of an EAP method given the connection and user data. 
@@ -99,12 +102,28 @@ namespace eap /// - \c false otherwise. See \p ppEapError for details. /// virtual bool get_method_properties( - _In_ DWORD dwVersion, - _In_ DWORD dwFlags, - _In_ HANDLE hUserImpersonationToken, - _In_ const config_providers &cfg, - _In_ const credentials_type &cred, - _Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray, - _Out_ EAP_ERROR **ppEapError); + _In_ DWORD dwVersion, + _In_ DWORD dwFlags, + _In_ HANDLE hUserImpersonationToken, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray, + _Out_ EAP_ERROR **ppEapError); + + /// + /// Converts XML into the configuration BLOB. The XML based credentials can come from group policy or from a system administrator. + /// + /// \sa [EapPeerCredentialsXml2Blob function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363603.aspx) + /// + virtual bool credentials_xml2blob( + _In_ DWORD dwFlags, + _In_ IXMLDOMNode *pConfigRoot, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _Out_ BYTE **ppCredentialsOut, + _Out_ DWORD *pdwCredentialsOutSize, + _Out_ EAP_ERROR **ppEapError); }; } diff --git a/lib/TTLS/src/Module.cpp b/lib/TTLS/src/Module.cpp index 9a603a9..404766c 100644 --- a/lib/TTLS/src/Module.cpp +++ b/lib/TTLS/src/Module.cpp @@ -28,7 +28,7 @@ using namespace winstd; // eap::peer_ttls ////////////////////////////////////////////////////////////////////// -eap::peer_ttls::peer_ttls() : peer(eap_type_ttls) +eap::peer_ttls::peer_ttls() : peer(eap_type_ttls) { } 
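Review bot: The comment on the new `credentials_xml2blob` declaration says it "Converts XML into the configuration BLOB", but the outputs are `ppCredentialsOut`/`pdwCredentialsOutSize` and the connection BLOB is an input, so the wording reads as copied from `config_xml2blob`. I would change the first line to `/// Converts XML into the credentials BLOB.` and add the `\returns` block that the neighbouring declarations carry. Because the result holds user credentials, the comment is also the place to state who frees `*ppCredentialsOut`.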
@@ -65,30 +65,44 @@ bool eap::peer_ttls::shutdown(_Out_ EAP_ERROR **ppEapError) bool eap::peer_ttls::get_identity( - _In_ DWORD dwFlags, - _In_ const config_providers &cfg, - _In_opt_ const credentials_type *cred_in, - _Inout_ credentials_type &cred_out, - _In_ HANDLE hTokenImpersonateUser, - _Out_ BOOL *pfInvokeUI, - _Out_ WCHAR **ppwszIdentity, - _Out_ EAP_ERROR **ppEapError) + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ BYTE **ppUserDataOut, + _Out_ DWORD *pdwUserDataOutSize, + _In_ HANDLE hTokenImpersonateUser, + _Out_ BOOL *pfInvokeUI, + _Out_ WCHAR **ppwszIdentity, + _Out_ EAP_ERROR **ppEapError) { assert(pfInvokeUI); assert(ppwszIdentity); assert(ppEapError); - if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty()) { + // Unpack configuration. + eap::config_providers cfg(this); + if (!unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError)) + return false; + else if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty()) { *ppEapError = make_error(ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" Configuration has no providers and/or methods.")); return false; } + // Unpack cached credentials. + credentials_ttls cred_in(this); + if (dwUserDataSize && !unpack(cred_in, pUserData, dwUserDataSize, ppEapError)) + return false; + // Get method configuration. const config_provider &cfg_prov(cfg.m_providers.front()); const config_method_ttls *cfg_method = dynamic_cast(cfg_prov.m_methods.front().get()); assert(cfg_method); const config_method_pap *cfg_inner_pap = dynamic_cast(cfg_method->m_inner.get()); + credentials_ttls cred_out(this); + // Determine credential storage target(s). Also used as user-friendly method name for logging. wstring target_outer(std::move(cred_out.m_outer.target_suffix())); wstring target_inner; 
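Review bot: The configuration is now unpacked from the raw `pConnectionData` BLOB inside `get_identity`, yet the method object taken from it is still guarded only by `assert(cfg_method);` before `cfg_method->m_inner` is read. In a release build the assert compiles away, so if `unpack` can ever yield a first method that is not a TTLS configuration (a damaged or foreign BLOB), the next line dereferences NULL; whether `unpack` can produce that is not visible here. I would turn the assert into a runtime check that sets `*ppEapError` through `make_error(ERROR_INVALID_PARAMETER, ...)` and returns false, as the empty-providers branch just above already does. The new out-parameters `ppUserDataOut` and `pdwUserDataOutSize` are also missing from the `assert` list at the top of the body. `invoke_identity_ui` in lib/TTLS_UI/src/Module.cpp follows the same unpack-then-assert sequence, and both bodies continue outside their hunks.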
@@ -97,19 +111,19 @@ bool eap::peer_ttls::get_identity( is_outer_set = false, is_inner_set = false; - if (cred_in) { + if (dwUserDataSize) { // Try cached credentials. if (!is_outer_set) { // Outer TLS: Using EAP service cached credentials. - cred_out.m_outer = cred_in->m_outer; + cred_out.m_outer = cred_in.m_outer; log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED, event_data(target_outer), event_data(cred_out.m_outer.get_name()), event_data::blank); is_outer_set = true; } - if (!is_inner_set && cred_in->m_inner) { + if (!is_inner_set && cred_in.m_inner) { // Inner PAP: Using EAP service cached credentials. - cred_out.m_inner.reset((credentials*)cred_in->m_inner->clone()); + cred_out.m_inner.reset((credentials*)cred_in.m_inner->clone()); log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED, event_data(target_inner), event_data(cred_out.m_inner->get_name()), event_data::blank); is_inner_set = true; } 
@@ -204,24 +218,29 @@ bool eap::peer_ttls::get_identity( *ppwszIdentity = (WCHAR*)alloc_memory(size); memcpy(*ppwszIdentity, identity.c_str(), size); - return true; + // Pack credentials. + return pack(cred_out, ppUserDataOut, pdwUserDataOutSize, ppEapError); } bool eap::peer_ttls::get_method_properties( - _In_ DWORD dwVersion, - _In_ DWORD dwFlags, - _In_ HANDLE hUserImpersonationToken, - _In_ const config_providers &cfg, - _In_ const credentials_type &cred, - _Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray, - _Out_ EAP_ERROR **ppEapError) + _In_ DWORD dwVersion, + _In_ DWORD dwFlags, + _In_ HANDLE hUserImpersonationToken, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray, + _Out_ EAP_ERROR **ppEapError) { UNREFERENCED_PARAMETER(dwVersion); UNREFERENCED_PARAMETER(dwFlags); UNREFERENCED_PARAMETER(hUserImpersonationToken); - UNREFERENCED_PARAMETER(cfg); - UNREFERENCED_PARAMETER(cred); + UNREFERENCED_PARAMETER(pConnectionData); + UNREFERENCED_PARAMETER(dwConnectionDataSize); + UNREFERENCED_PARAMETER(pUserData); + UNREFERENCED_PARAMETER(dwUserDataSize); assert(pMethodPropertyArray); assert(ppEapError); 
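Review bot: `get_identity` now ends with `return pack(cred_out, ppUserDataOut, pdwUserDataOutSize, ppEapError);`, which runs after `*ppwszIdentity` has been allocated and filled, so a failing `pack` returns false while the identity buffer stays allocated and visible to the caller. A caller that treats a false return as "no outputs" would leak it; packing before the allocation, or releasing the buffer and setting `*ppwszIdentity = NULL` on the failure path, avoids that. The result of `alloc_memory(size)` is also handed to `memcpy` without a NULL check in the context lines just above. `peer_ttls_ui::invoke_identity_ui` in lib/TTLS_UI/src/Module.cpp has the same allocate-then-pack ending, and both function bodies start outside their hunks.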
@@ -263,3 +282,26 @@ bool eap::peer_ttls::get_method_properties( return true; } + + +bool eap::peer_ttls::credentials_xml2blob( + _In_ DWORD dwFlags, + _In_ IXMLDOMNode *pConfigRoot, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _Out_ BYTE **ppCredentialsOut, + _Out_ DWORD *pdwCredentialsOutSize, + _Out_ EAP_ERROR **ppEapError) +{ + UNREFERENCED_PARAMETER(dwFlags); + UNREFERENCED_PARAMETER(pConnectionData); + UNREFERENCED_PARAMETER(dwConnectionDataSize); + + // Load credentials from XML. + credentials_ttls cred(this); + if (!cred.load(pConfigRoot, ppEapError)) + return false; + + // Pack credentials. + return pack(cred, ppCredentialsOut, pdwCredentialsOutSize, ppEapError); +} diff --git a/lib/TTLS_UI/include/Module.h b/lib/TTLS_UI/include/Module.h index 846236e..637fa88 100644 --- a/lib/TTLS_UI/include/Module.h +++ b/lib/TTLS_UI/include/Module.h @@ -35,7 +35,7 @@ namespace eap namespace eap { - class peer_ttls_ui : public peer_ui + class peer_ttls_ui : public peer_ui { public: /// 
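Review bot: `credentials_xml2blob` passes `pConfigRoot`, `ppCredentialsOut`, `pdwCredentialsOutSize` and `ppEapError` straight to `load` and `pack` without the `assert(...)` lines that `get_identity` and `get_method_properties` in this file use to state their pointer contract. Adding `assert(pConfigRoot);` and `assert(ppEapError);`, plus asserts for the two out-pointers, at the top keeps the methods consistent and catches a NULL argument in debug builds. `pConnectionData` is marked unreferenced, so the loaded credentials are not checked against the connection's configuration; a one-line comment saying this is intended would help the next reader. `config_xml2blob` and `config_blob2xml` in lib/TTLS_UI/src/Module.cpp are written the same way.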
@@ -48,66 +48,86 @@ namespace eap /// virtual config_method* make_config_method(); + /// + /// Converts XML into the configuration BLOB. + /// + /// \sa [EapPeerConfigXml2Blob function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363602.aspx) + /// + virtual bool config_xml2blob( + _In_ DWORD dwFlags, + _In_ IXMLDOMNode *pConfigRoot, + _Out_ BYTE **pConnectionDataOut, + _Out_ DWORD *pdwConnectionDataOutSize, + _Out_ EAP_ERROR **ppEapError); + + /// + /// Converts the configuration BLOB to XML. + /// + /// The configuration BLOB is returned in the ppConnectionDataOut parameter of the EapPeerInvokeConfigUI function. + /// + /// \sa [EapPeerConfigBlob2Xml function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363601.aspx) + /// + virtual bool config_blob2xml( + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_ IXMLDOMDocument *pDoc, + _In_ IXMLDOMNode *pConfigRoot, + _Out_ EAP_ERROR **ppEapError); + /// /// Raises the EAP method's specific connection configuration user interface dialog on the client. /// /// \sa [EapPeerInvokeConfigUI function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363614.aspx) /// - /// \param[in] hwndParent Parent window - /// \param[inout] cfg Configuration to edit - /// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`. - /// /// \returns /// - \c true if succeeded /// - \c false otherwise. See \p ppEapError for details. 
/// virtual bool invoke_config_ui( - _In_ HWND hwndParent, - _Inout_ config_providers &cfg, - _Out_ EAP_ERROR **ppEapError); + _In_ HWND hwndParent, + _In_count_(dwConnectionDataInSize) const BYTE *pConnectionDataIn, + _In_ DWORD dwConnectionDataInSize, + _Out_ BYTE **ppConnectionDataOut, + _Out_ DWORD *pdwConnectionDataOutSize, + _Out_ EAP_ERROR **ppEapError); /// /// Raises a custom interactive user interface dialog to obtain user identity information for the EAP method on the client. /// /// \sa [EapPeerInvokeIdentityUI function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363615.aspx) /// - /// \param[in] hwndParent Parent window - /// \param[in] dwFlags Flags passed to `EapPeerInvokeIdentityUI()` call - /// \param[inout] cfg Configuration - /// \param[inout] cred User credentials to edit - /// \param[out] ppwszIdentity Pointer to user identity. Free using `module::free_memory()`. - /// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`. - /// /// \returns /// - \c true if succeeded /// - \c false otherwise. See \p ppEapError for details. /// virtual bool invoke_identity_ui( - _In_ HWND hwndParent, - _In_ DWORD dwFlags, - _Inout_ config_providers &cfg, - _Inout_ credentials_type &cred, - _Out_ LPWSTR *ppwszIdentity, - _Out_ EAP_ERROR **ppEapError); + _In_ HWND hwndParent, + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ BYTE **ppUserDataOut, + _Out_ DWORD *pdwUserDataOutSize, + _Out_ LPWSTR *ppwszIdentity, + _Out_ EAP_ERROR **ppEapError); /// /// Raises a custom interactive user interface dialog for the EAP method on the client. 
/// /// \sa [EapPeerInvokeInteractiveUI function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363616.aspx) /// - /// \param[in] hwndParent Parent window - /// \param[in] req Interactive request - /// \param[out] res Interactive response - /// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`. - /// /// \returns /// - \c true if succeeded /// - \c false otherwise. See \p ppEapError for details. /// virtual bool invoke_interactive_ui( - _In_ HWND hwndParent, - _In_ const interactive_request_type &req, - _Out_ interactive_response_type &res, - _Out_ EAP_ERROR **ppEapError); + _In_ HWND hwndParent, + _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, + _In_ DWORD dwUIContextDataSize, + _Out_ BYTE **ppDataFromInteractiveUI, + _Out_ DWORD *pdwDataFromInteractiveUISize, + _Out_ EAP_ERROR **ppEapError); }; } diff --git a/lib/TTLS_UI/src/Module.cpp b/lib/TTLS_UI/src/Module.cpp index bcd798d..9f17fae 100644 --- a/lib/TTLS_UI/src/Module.cpp +++ b/lib/TTLS_UI/src/Module.cpp @@ -25,7 +25,7 @@ // eap::peer_ttls_ui ////////////////////////////////////////////////////////////////////// -eap::peer_ttls_ui::peer_ttls_ui() : peer_ui(winstd::eap_type_ttls) +eap::peer_ttls_ui::peer_ttls_ui() : peer_ui(winstd::eap_type_ttls) { } 
@@ -36,12 +36,57 @@ eap::config_method* eap::peer_ttls_ui::make_config_method() } -bool eap::peer_ttls_ui::invoke_config_ui( - _In_ HWND hwndParent, - _Inout_ config_providers &cfg, - _Out_ EAP_ERROR **ppEapError) +bool eap::peer_ttls_ui::config_xml2blob( + _In_ DWORD dwFlags, + _In_ IXMLDOMNode *pConfigRoot, + _Out_ BYTE **pConnectionDataOut, + _Out_ DWORD *pdwConnectionDataOutSize, + _Out_ EAP_ERROR **ppEapError) { - UNREFERENCED_PARAMETER(ppEapError); + UNREFERENCED_PARAMETER(dwFlags); + + // Load configuration from XML. + eap::config_providers cfg(this); + if (!cfg.load(pConfigRoot, ppEapError)) + return false; + + // Pack configuration. + return pack(cfg, pConnectionDataOut, pdwConnectionDataOutSize, ppEapError); +} + + +bool eap::peer_ttls_ui::config_blob2xml( + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_ IXMLDOMDocument *pDoc, + _In_ IXMLDOMNode *pConfigRoot, + _Out_ EAP_ERROR **ppEapError) +{ + UNREFERENCED_PARAMETER(dwFlags); + + // Unpack configuration. + eap::config_providers cfg(this); + if (!unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError)) + return false; + + // Save configuration to XML. + return cfg.save(pDoc, pConfigRoot, ppEapError); +} + + +bool eap::peer_ttls_ui::invoke_config_ui( + _In_ HWND hwndParent, + _In_count_(dwConnectionDataInSize) const BYTE *pConnectionDataIn, + _In_ DWORD dwConnectionDataInSize, + _Out_ BYTE **ppConnectionDataOut, + _Out_ DWORD *pdwConnectionDataOutSize, + _Out_ EAP_ERROR **ppEapError) +{ + // Unpack configuration. + eap::config_providers cfg(this); + if (dwConnectionDataInSize && !unpack(cfg, pConnectionDataIn, dwConnectionDataInSize, ppEapError)) + return false; // Initialize application. new wxApp(); 
@@ -70,23 +115,35 @@ bool eap::peer_ttls_ui::invoke_config_ui( return false; } - return true; + // Pack new configuration. + return pack(cfg, ppConnectionDataOut, pdwConnectionDataOutSize, ppEapError); } bool eap::peer_ttls_ui::invoke_identity_ui( - _In_ HWND hwndParent, - _In_ DWORD dwFlags, - _Inout_ config_providers &cfg, - _Inout_ credentials_type &cred, - _Out_ LPWSTR *ppwszIdentity, - _Out_ EAP_ERROR **ppEapError) + _In_ HWND hwndParent, + _In_ DWORD dwFlags, + _In_count_(dwConnectionDataSize) const BYTE *pConnectionData, + _In_ DWORD dwConnectionDataSize, + _In_count_(dwUserDataSize) const BYTE *pUserData, + _In_ DWORD dwUserDataSize, + _Out_ BYTE **ppUserDataOut, + _Out_ DWORD *pdwUserDataOutSize, + _Out_ LPWSTR *ppwszIdentity, + _Out_ EAP_ERROR **ppEapError) { - if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty()) { + eap::config_providers cfg(this); + if (!unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError)) + return false; + else if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty()) { *ppEapError = make_error(ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" Configuration has no providers and/or methods.")); return false; } + credentials_ttls cred(this); + if (dwUserDataSize && !unpack(cred, pUserData, dwUserDataSize, ppEapError)) + return false; + const config_provider &cfg_prov(cfg.m_providers.front()); config_method_ttls *cfg_method = dynamic_cast(cfg_prov.m_methods.front().get()); assert(cfg_method); 
@@ -138,18 +195,23 @@ bool eap::peer_ttls_ui::invoke_identity_ui( *ppwszIdentity = (WCHAR*)alloc_memory(size); memcpy(*ppwszIdentity, identity.c_str(), size); - return true; + // Pack credentials. + return pack(cred, ppUserDataOut, pdwUserDataOutSize, ppEapError); } bool eap::peer_ttls_ui::invoke_interactive_ui( - _In_ HWND hwndParent, - _In_ const interactive_request_type &req, - _Out_ interactive_response_type &res, - _Out_ EAP_ERROR **ppEapError) + _In_ HWND hwndParent, + _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, + _In_ DWORD dwUIContextDataSize, + _Out_ BYTE **ppDataFromInteractiveUI, + _Out_ DWORD *pdwDataFromInteractiveUISize, + _Out_ EAP_ERROR **ppEapError) { - UNREFERENCED_PARAMETER(req); - UNREFERENCED_PARAMETER(res); + UNREFERENCED_PARAMETER(pUIContextData); + UNREFERENCED_PARAMETER(dwUIContextDataSize); + UNREFERENCED_PARAMETER(ppDataFromInteractiveUI); + UNREFERENCED_PARAMETER(pdwDataFromInteractiveUISize); UNREFERENCED_PARAMETER(ppEapError); InitCommonControls();
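Review bot: In `invoke_interactive_ui` the `_Out_` parameters `ppDataFromInteractiveUI` and `pdwDataFromInteractiveUISize` are marked `UNREFERENCED_PARAMETER` and never written in the lines shown. If the function can return true (its body continues past the end of this hunk), the caller receives an uninitialised pointer and size and may go on to read or free them. I would set `*ppDataFromInteractiveUI = NULL;` and `*pdwDataFromInteractiveUISize = 0;` at the top of the body, or return an error through `ppEapError` if this method has no interactive UI.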