Reported events are more consistent now

2016-11-04 11:51:39 +01:00 · 2016-11-04 11:51:39 +01:00 · 6166dd3887
commit 6166dd3887
parent d08b70c284
2 changed files with 7 additions and 5 deletions
--- a/lib/Events/res/EventsETW.man
+++ b/lib/Events/res/EventsETW.man
--- a/lib/TTLS/src/Method.cpp
+++ b/lib/TTLS/src/Method.cpp
@ -464,6 +464,8 @@ EapPeerMethodResponseAction eap::method_ttls::process_request_packet(

    switch (m_phase) {
    case phase_handshake_init: {
+        m_module.log_event(&EAPMETHOD_METHOD_HANDSHAKE_START2, event_data((unsigned int)eap_type_ttls), event_data::blank);
+
        // Prepare input buffer(s).
        SecBuffer buf_in[] = {
            { (unsigned long)dwReceivedPacketSize, SECBUFFER_TOKEN, const_cast<void*>(pReceivedPacket) },
@ -577,7 +579,7 @@ EapPeerMethodResponseAction eap::method_ttls::process_request_packet(
                SecPkgContext_ConnectionInfo info;
                if (SUCCEEDED(status = QueryContextAttributes(m_sc_ctx, SECPKG_ATTR_CONNECTION_INFO, &info)))
                    m_module.log_event(&EAPMETHOD_TLS_HANDSHAKE_FINISHED,
-                        event_data((unsigned int)eap_type_tls),
+                        event_data((unsigned int)eap_type_ttls),
                        event_data(auth.sAuthorityName),
                        event_data(info.dwProtocol),
                        event_data(info.aiCipher),
@ -851,7 +853,7 @@ void eap::method_ttls::verify_server_trust() const
            memcmp(cert->pbCertEncoded, (*c)->pbCertEncoded, cert->cbCertEncoded) == 0)
        {
            // Server certificate found directly on the trusted root CA list.
-            m_module.log_event(&EAPMETHOD_TLS_SERVER_CERT_TRUSTED_EX, event_data::blank);
+            m_module.log_event(&EAPMETHOD_TLS_SERVER_CERT_TRUSTED_EX1, event_data((unsigned int)eap_type_ttls), event_data::blank);
            return;
        }
    }
@ -900,7 +902,7 @@ void eap::method_ttls::verify_server_trust() const
                    if (san_info->rgAltEntry[idx_entry].dwAltNameChoice == CERT_ALT_NAME_DNS_NAME &&
                        _wcsicmp(s->c_str(), san_info->rgAltEntry[idx_entry].pwszDNSName) == 0)
                    {
-                        m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED1, event_data(san_info->rgAltEntry[idx_entry].pwszDNSName), event_data::blank);
+                        m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED2, event_data((unsigned int)eap_type_ttls), event_data(san_info->rgAltEntry[idx_entry].pwszDNSName), event_data::blank);
                        found = true;
                    }
                }
@ -915,7 +917,7 @@ void eap::method_ttls::verify_server_trust() const

            for (auto s = m_cfg.m_server_names.cbegin(), s_end = m_cfg.m_server_names.cend(); !found && s != s_end; ++s) {
                if (_wcsicmp(s->c_str(), subj.c_str()) == 0) {
-                    m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED1, event_data(subj), event_data::blank);
+                    m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED2, event_data((unsigned int)eap_type_ttls), event_data(subj), event_data::blank);
                    found = true;
                }
            }
@ -1005,7 +1007,7 @@ void eap::method_ttls::verify_server_trust() const
        }
    }

-    m_module.log_event(&EAPMETHOD_TLS_SERVER_CERT_TRUSTED, event_data::blank);
+    m_module.log_event(&EAPMETHOD_TLS_SERVER_CERT_TRUSTED1, event_data((unsigned int)eap_type_ttls), event_data::blank);
 }

 #endif