diff --git a/lib/EAPBase/include/Credentials.h b/lib/EAPBase/include/Credentials.h index 6feb0a8..b08b036 100644 --- a/lib/EAPBase/include/Credentials.h +++ b/lib/EAPBase/include/Credentials.h @@ -45,10 +45,7 @@ namespace eap namespace eap { - /// - /// \defgroup EAPBaseCred Credentials - /// Credential management - /// + /// \addtogroup EAPBaseCred /// @{ /// diff --git a/lib/EAPBase/include/EAP.h b/lib/EAPBase/include/EAP.h index 333a699..f98b63b 100644 --- a/lib/EAPBase/include/EAP.h +++ b/lib/EAPBase/include/EAP.h @@ -28,12 +28,25 @@ /// @{ #ifndef EAP_ENCRYPT_BLOBS /// -/// Compiler variable to control whether BLOBs leaving our module get encrypted +/// BLOBs leaving our module are encrypted /// #define EAP_ENCRYPT_BLOBS 1 #endif /// @} +/// +/// \defgroup EAPBaseCred Credentials +/// Credential management +/// +/// @{ +#ifndef EAP_USE_NATIVE_CREDENTIAL_CACHE +/// +/// Using EapHost credential cache +/// +#define EAP_USE_NATIVE_CREDENTIAL_CACHE 0 +#endif +/// @} + #define _HOST_LOW_ENDIAN #if !defined(RC_INVOKED) && !defined(MIDL_PASS) diff --git a/lib/TTLS/include/Module.h b/lib/TTLS/include/Module.h index 093c980..fd9226f 100644 --- a/lib/TTLS/include/Module.h +++ b/lib/TTLS/include/Module.h @@ -198,7 +198,7 @@ namespace eap // The following members are required to avoid memory leakage in get_result() and get_ui_context(). BYTE *m_blob_cfg; ///< Configuration BLOB -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE BYTE *m_blob_cred; ///< Credentials BLOB #endif BYTE *m_blob_ui_ctx; ///< User Interface context data diff --git a/lib/TTLS/src/Module.cpp b/lib/TTLS/src/Module.cpp index 4bb2ea5..2599edb 100644 --- a/lib/TTLS/src/Module.cpp +++ b/lib/TTLS/src/Module.cpp @@ -346,7 +346,7 @@ void eap::peer_ttls::get_result( s->m_blob_cfg = pResult->pConnectionData; } -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE pResult->fSaveUserData = TRUE; pack(s->m_cred, &pResult->pUserData, &pResult->dwSizeofUserData); if (s->m_blob_cred) @@ -430,7 +430,7 @@ const eap::config_method_ttls* eap::peer_ttls::combine_credentials( _Out_ credentials_connection& cred_out, _In_ HANDLE hTokenImpersonateUser) { -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE // Unpack cached credentials. credentials_connection cred_in(*this, cfg); if (dwUserDataSize) @@ -455,7 +455,7 @@ const eap::config_method_ttls* eap::peer_ttls::combine_credentials( // Combine credentials. We could use eap::credentials_ttls() to do all the work, but we would not know which credentials is missing then. credentials_ttls *cred = dynamic_cast(cfg_method->make_credentials()); cred_out.m_cred.reset(cred); -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE bool has_cached = cred_in.m_cred && cred_in.match(*cfg_prov); #endif @@ -464,7 +464,7 @@ const eap::config_method_ttls* eap::peer_ttls::combine_credentials( eap::credentials::source_t src_outer = cred->credentials_tls::combine( dwFlags, hTokenImpersonateUser, -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE has_cached ? cred_in.m_cred.get() : NULL, #else NULL, @@ -480,7 +480,7 @@ const eap::config_method_ttls* eap::peer_ttls::combine_credentials( eap::credentials::source_t src_inner = cred->m_inner->combine( dwFlags, hTokenImpersonateUser, -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE has_cached ? dynamic_cast(cred_in.m_cred.get())->m_inner.get() : NULL, #else NULL, @@ -526,7 +526,7 @@ eap::peer_ttls::session::session(_In_ module &mod) : m_cfg(mod), m_cred(mod, m_cfg), m_blob_cfg(NULL), -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE m_blob_cred(NULL), #endif m_blob_ui_ctx(NULL) @@ -538,7 +538,7 @@ eap::peer_ttls::session::~session() if (m_blob_cfg) m_module.free_memory(m_blob_cfg); -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE if (m_blob_cred) m_module.free_memory(m_blob_cred); #endif diff --git a/lib/TTLS_UI/src/Module.cpp b/lib/TTLS_UI/src/Module.cpp index 76c3dcf..fa7b876 100644 --- a/lib/TTLS_UI/src/Module.cpp +++ b/lib/TTLS_UI/src/Module.cpp @@ -159,7 +159,7 @@ void eap::peer_ttls_ui::invoke_identity_ui( config_connection cfg(*this); unpack(cfg, pConnectionData, dwConnectionDataSize); -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE // Unpack cached credentials. credentials_connection cred_in(*this, cfg); if (dwUserDataSize) @@ -214,7 +214,7 @@ void eap::peer_ttls_ui::invoke_identity_ui( cred_out.m_id = cfg_prov->m_id; auto cred = dynamic_cast(cfg_method->make_credentials()); cred_out.m_cred.reset(cred); -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE bool has_cached = cred_in.m_cred && cred_in.match(*cfg_prov); #endif @@ -229,7 +229,7 @@ void eap::peer_ttls_ui::invoke_identity_ui( eap::credentials::source_t src_outer = cred->credentials_tls::combine( dwFlags, NULL, -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE has_cached ? cred_in.m_cred.get() : NULL, #else NULL, @@ -273,7 +273,7 @@ void eap::peer_ttls_ui::invoke_identity_ui( eap::credentials::source_t src_inner = cred->m_inner->combine( dwFlags, NULL, -#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE +#if EAP_USE_NATIVE_CREDENTIAL_CACHE has_cached ? dynamic_cast(cred_in.m_cred.get())->m_inner.get() : NULL, #else NULL,