From 7a3d4e0947c0af346a4a2ed7036a06aab1571b27 Mon Sep 17 00:00:00 2001 From: Simon Rozman Date: Fri, 2 Sep 2016 14:24:23 +0200 Subject: [PATCH] Common PAP and MSCHAPv2 code merged in intermediate base class method_noneap --- lib/EAPBase/include/Method.h | 52 +++++++++++++++++++++++++++++++++++ lib/EAPBase/src/Method.cpp | 45 ++++++++++++++++++++++++++++++ lib/MSCHAPv2/include/Method.h | 13 +-------- lib/MSCHAPv2/src/Method.cpp | 37 ++++++------------------- lib/PAP/include/Method.h | 13 +-------- lib/PAP/src/Method.cpp | 37 ++++++------------------- 6 files changed, 117 insertions(+), 80 deletions(-) diff --git a/lib/EAPBase/include/Method.h b/lib/EAPBase/include/Method.h index fd32262..4c5c582 100644 --- a/lib/EAPBase/include/Method.h +++ b/lib/EAPBase/include/Method.h @@ -24,6 +24,11 @@ namespace eap /// EAP and non-EAP method base class /// class method; + + /// + /// Non-EAP method base class + /// + class method_noneap; } #pragma once @@ -134,4 +139,51 @@ namespace eap credentials &m_cred; ///< User credentials std::vector m_eap_attr; ///< EAP attributes }; + + + class method_noneap : public method + { + public: + /// + /// Constructs an EAP method + /// + /// \param[in] mod EAP module to use for global services + /// \param[in] cfg Method configuration + /// \param[in] cred User credentials + /// + method_noneap(_In_ module &module, _In_ config_method_with_cred &cfg, _In_ credentials &cred); + + /// + /// Moves an EAP method + /// + /// \param[in] other EAP method to move from + /// + method_noneap(_Inout_ method_noneap &&other); + + /// + /// Moves an EAP method + /// + /// \param[in] other EAP method to move from + /// + /// \returns Reference to this object + /// + method_noneap& operator=(_Inout_ method_noneap &&other); + + /// \name Packet processing + /// @{ + + /// + /// Obtains a response packet from the EAP method. + /// + /// \sa [EapPeerGetResponsePacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363610.aspx) + /// + virtual void get_response_packet( + _Inout_bytecap_(*dwSendPacketSize) void *pSendPacket, + _Inout_ DWORD *pdwSendPacketSize); + + /// @} + + protected: + sanitizing_blob m_packet_res; ///< Response packet + }; } diff --git a/lib/EAPBase/src/Method.cpp b/lib/EAPBase/src/Method.cpp index 6c8ad8f..e6941e9 100644 --- a/lib/EAPBase/src/Method.cpp +++ b/lib/EAPBase/src/Method.cpp @@ -74,3 +74,48 @@ void eap::method::begin_session( void eap::method::end_session() { } + + +////////////////////////////////////////////////////////////////////// +// eap::method_noneap +////////////////////////////////////////////////////////////////////// + +eap::method_noneap::method_noneap(_In_ module &module, _In_ config_method_with_cred &cfg, _In_ credentials &cred) : method(module, cfg, cred) +{ +} + + +eap::method_noneap::method_noneap(_Inout_ method_noneap &&other) : + m_packet_res(std::move(other.m_packet_res)), + method (std::move(other )) +{ +} + + +eap::method_noneap& eap::method_noneap::operator=(_Inout_ method_noneap &&other) +{ + if (this != std::addressof(other)) { + assert(std::addressof(m_cred) == std::addressof(other.m_cred)); // Move method with same credentials only! + (method&)*this = std::move(other ); + m_packet_res = std::move(other.m_packet_res); + } + + return *this; +} + + +void eap::method_noneap::get_response_packet( + _Inout_bytecap_(*dwSendPacketSize) void *pSendPacket, + _Inout_ DWORD *pdwSendPacketSize) +{ + assert(pdwSendPacketSize); + assert(pSendPacket); + + size_t size_packet = m_packet_res.size(); + if (size_packet > *pdwSendPacketSize) + throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %u, maximum: %u).", size_packet, *pdwSendPacketSize).c_str()); + + memcpy(pSendPacket, m_packet_res.data(), size_packet); + *pdwSendPacketSize = (DWORD)size_packet; + m_packet_res.clear(); +} diff --git a/lib/MSCHAPv2/include/Method.h b/lib/MSCHAPv2/include/Method.h index 0fc435b..b8efad1 100644 --- a/lib/MSCHAPv2/include/Method.h +++ b/lib/MSCHAPv2/include/Method.h @@ -37,7 +37,7 @@ namespace eap namespace eap { - class method_mschapv2 : public method + class method_mschapv2 : public method_noneap { public: /// @@ -89,15 +89,6 @@ namespace eap _In_ DWORD dwReceivedPacketSize, _Inout_ EapPeerMethodOutput *pEapOutput); - /// - /// Obtains a response packet from the EAP method. - /// - /// \sa [EapPeerGetResponsePacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363610.aspx) - /// - virtual void get_response_packet( - _Inout_bytecap_(*dwSendPacketSize) void *pSendPacket, - _Inout_ DWORD *pdwSendPacketSize); - /// /// Obtains the result of an authentication session from the EAP method. /// @@ -112,8 +103,6 @@ namespace eap protected: credentials_mschapv2 &m_cred; ///< EAP-TLS user credentials - sanitizing_blob m_packet_res; ///< Response packet - enum { phase_unknown = -1, ///< Unknown phase phase_init = 0, ///< Handshake initialize diff --git a/lib/MSCHAPv2/src/Method.cpp b/lib/MSCHAPv2/src/Method.cpp index 9b4568b..910d5e3 100644 --- a/lib/MSCHAPv2/src/Method.cpp +++ b/lib/MSCHAPv2/src/Method.cpp @@ -32,17 +32,16 @@ eap::method_mschapv2::method_mschapv2(_In_ module &module, _In_ config_method_ms m_cred(cred), m_phase(phase_unknown), m_phase_prev(phase_unknown), - method(module, cfg, cred) + method_noneap(module, cfg, cred) { } eap::method_mschapv2::method_mschapv2(_Inout_ method_mschapv2 &&other) : - m_cred ( other.m_cred ), - m_packet_res(std::move(other.m_packet_res)), - m_phase (std::move(other.m_phase )), - m_phase_prev(std::move(other.m_phase_prev)), - method (std::move(other )) + m_cred ( other.m_cred ), + m_phase (std::move(other.m_phase )), + m_phase_prev (std::move(other.m_phase_prev)), + method_noneap(std::move(other )) { } @@ -51,10 +50,9 @@ eap::method_mschapv2& eap::method_mschapv2::operator=(_Inout_ method_mschapv2 && { if (this != std::addressof(other)) { assert(std::addressof(m_cred) == std::addressof(other.m_cred)); // Move method with same credentials only! - (method&)*this = std::move(other ); - m_packet_res = std::move(other.m_packet_res); - m_phase = std::move(other.m_phase ); - m_phase_prev = std::move(other.m_phase_prev); + (method_noneap&)*this = std::move(other ); + m_phase = std::move(other.m_phase ); + m_phase_prev = std::move(other.m_phase_prev); } return *this; @@ -67,7 +65,7 @@ void eap::method_mschapv2::begin_session( _In_ HANDLE hTokenImpersonateUser, _In_opt_ DWORD dwMaxSendPacketSize) { - method::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize); + method_noneap::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize); m_module.log_event(&EAPMETHOD_METHOD_HANDSHAKE_START2, event_data((unsigned int)eap_type_legacy_mschapv2), event_data::blank); m_phase = phase_init; @@ -148,23 +146,6 @@ void eap::method_mschapv2::process_request_packet( } -void eap::method_mschapv2::get_response_packet( - _Inout_bytecap_(*dwSendPacketSize) void *pSendPacket, - _Inout_ DWORD *pdwSendPacketSize) -{ - assert(pdwSendPacketSize); - assert(pSendPacket); - - size_t size_packet = m_packet_res.size(); - if (size_packet > *pdwSendPacketSize) - throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %u, maximum: %u).", size_packet, *pdwSendPacketSize).c_str()); - - memcpy(pSendPacket, m_packet_res.data(), size_packet); - *pdwSendPacketSize = (DWORD)size_packet; - m_packet_res.clear(); -} - - void eap::method_mschapv2::get_result( _In_ EapPeerMethodResultReason reason, _Inout_ EapPeerMethodResult *ppResult) diff --git a/lib/PAP/include/Method.h b/lib/PAP/include/Method.h index 6540b39..51bada8 100644 --- a/lib/PAP/include/Method.h +++ b/lib/PAP/include/Method.h @@ -37,7 +37,7 @@ namespace eap namespace eap { - class method_pap : public method + class method_pap : public method_noneap { public: /// @@ -89,15 +89,6 @@ namespace eap _In_ DWORD dwReceivedPacketSize, _Inout_ EapPeerMethodOutput *pEapOutput); - /// - /// Obtains a response packet from the EAP method. - /// - /// \sa [EapPeerGetResponsePacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363610.aspx) - /// - virtual void get_response_packet( - _Inout_bytecap_(*dwSendPacketSize) void *pSendPacket, - _Inout_ DWORD *pdwSendPacketSize); - /// /// Obtains the result of an authentication session from the EAP method. /// @@ -112,8 +103,6 @@ namespace eap protected: credentials_pap &m_cred; ///< EAP-TLS user credentials - sanitizing_blob m_packet_res; ///< Response packet - enum { phase_unknown = -1, ///< Unknown phase phase_init = 0, ///< Handshake initialize diff --git a/lib/PAP/src/Method.cpp b/lib/PAP/src/Method.cpp index ab59d9b..cbfc7cc 100644 --- a/lib/PAP/src/Method.cpp +++ b/lib/PAP/src/Method.cpp @@ -32,17 +32,16 @@ eap::method_pap::method_pap(_In_ module &module, _In_ config_method_pap &cfg, _I m_cred(cred), m_phase(phase_unknown), m_phase_prev(phase_unknown), - method(module, cfg, cred) + method_noneap(module, cfg, cred) { } eap::method_pap::method_pap(_Inout_ method_pap &&other) : - m_cred ( other.m_cred ), - m_packet_res(std::move(other.m_packet_res)), - m_phase (std::move(other.m_phase )), - m_phase_prev(std::move(other.m_phase_prev)), - method (std::move(other )) + m_cred ( other.m_cred ), + m_phase (std::move(other.m_phase )), + m_phase_prev (std::move(other.m_phase_prev)), + method_noneap(std::move(other )) { } @@ -51,10 +50,9 @@ eap::method_pap& eap::method_pap::operator=(_Inout_ method_pap &&other) { if (this != std::addressof(other)) { assert(std::addressof(m_cred) == std::addressof(other.m_cred)); // Move method with same credentials only! - (method&)*this = std::move(other ); - m_packet_res = std::move(other.m_packet_res); - m_phase = std::move(other.m_phase ); - m_phase_prev = std::move(other.m_phase_prev); + (method_noneap&)*this = std::move(other ); + m_phase = std::move(other.m_phase ); + m_phase_prev = std::move(other.m_phase_prev); } return *this; @@ -67,7 +65,7 @@ void eap::method_pap::begin_session( _In_ HANDLE hTokenImpersonateUser, _In_opt_ DWORD dwMaxSendPacketSize) { - method::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize); + method_noneap::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize); m_module.log_event(&EAPMETHOD_METHOD_HANDSHAKE_START2, event_data((unsigned int)eap_type_legacy_pap), event_data::blank); m_phase = phase_init; @@ -148,23 +146,6 @@ void eap::method_pap::process_request_packet( } -void eap::method_pap::get_response_packet( - _Inout_bytecap_(*dwSendPacketSize) void *pSendPacket, - _Inout_ DWORD *pdwSendPacketSize) -{ - assert(pdwSendPacketSize); - assert(pSendPacket); - - size_t size_packet = m_packet_res.size(); - if (size_packet > *pdwSendPacketSize) - throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %u, maximum: %u).", size_packet, *pdwSendPacketSize).c_str()); - - memcpy(pSendPacket, m_packet_res.data(), size_packet); - *pdwSendPacketSize = (DWORD)size_packet; - m_packet_res.clear(); -} - - void eap::method_pap::get_result( _In_ EapPeerMethodResultReason reason, _Inout_ EapPeerMethodResult *ppResult)