Amebis/GEANTLink
Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

WinStd: Update

Browse Source 
Signed-off-by: Simon Rozman <simon@rozman.si>
This commit is contained in:
Simon Rozman 2022-03-02 11:59:26 +01:00
parent 831dcf680c
commit a2cab07a30
26 changed files with 125 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
EAPMethods/Main_UI.cpp
View File

@ -171,7 +171,7 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
// Create configuration XML document.
com_obj<IXMLDOMDocument2> pConfigDoc;
if (FAILED(hr = pConfigDoc.create(CLSID_DOMDocument60, NULL, CLSCTX_INPROC_SERVER)))
if (FAILED(hr = CoCreateInstance(CLSID_DOMDocument60, NULL, CLSCTX_INPROC_SERVER, pConfigDoc)))
return dwResult = g_peer.log_error(ppEapError, HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error creating XML document."));
pConfigDoc->put_async(VARIANT_FALSE);

12
EAPMethods/Register.cpp
View File

@ -44,12 +44,15 @@ STDAPI DllRegisterServer()
try {
tstring sz, sz2;
reg_key key_methods, key_author, key_method;
if (!key_methods.open(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_CREATE_SUB_KEY)) throw win_runtime_error();
LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_CREATE_SUB_KEY, key_methods);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
sprintf(sz, _T("%u"), EAPMETHOD_AUTHOR_ID);
if (!key_author.create(key_methods, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegCreateKeyEx(key_methods, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_author, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
set_value(key_author, NULL, _T(PRODUCT_NAME_STR));
sprintf(sz, _T("%u"), EAPMETHOD_TYPE);
if (!key_method.create(key_author, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegCreateKeyEx(key_author, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_method, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
if (!GetModuleFileName(g_peer.m_instance, sz)) throw win_runtime_error("GetModuleFileName failed.");
sprintf(sz2, _T("@%s,-1"), sz.c_str());
set_value(key_method, _T("PeerDllPath") , sz);
@ -77,7 +80,8 @@ STDAPI DllUnregisterServer()
try {
tstring sz;
reg_key key_methods;
if (!key_methods.open(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_READ)) throw win_runtime_error();
LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_READ, key_methods);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
sprintf(sz, _T("%u\\%u"), EAPMETHOD_AUTHOR_ID, EAPMETHOD_TYPE);
if (!key_methods.delete_subkey(sz.c_str())) throw win_runtime_error();
} catch(...) {}

12
EAPMethods/Register_UI.cpp
View File

@ -44,12 +44,15 @@ STDAPI DllRegisterServer()
try {
tstring sz;
reg_key key_methods, key_author, key_method;
if (!key_methods.open(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_CREATE_SUB_KEY)) throw win_runtime_error();
LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_CREATE_SUB_KEY, key_methods);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
sprintf(sz, _T("%u"), EAPMETHOD_AUTHOR_ID);
if (!key_author.create(key_methods, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegCreateKeyEx(key_methods, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_author, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
set_value(key_author, NULL, _T(PRODUCT_NAME_STR));
sprintf(sz, _T("%u"), EAPMETHOD_TYPE);
if (!key_method.create(key_author, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegCreateKeyEx(key_author, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_method, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
if (!GetModuleFileName(g_peer.m_instance, sz)) throw win_runtime_error("GetModuleFileName failed.");
set_value(key_method, _T("PeerConfigUIPath") , sz);
set_value(key_method, _T("PeerIdentityPath") , sz);
@ -78,7 +81,8 @@ STDAPI DllUnregisterServer()
try {
tstring sz;
reg_key key_methods;
if (!key_methods.open(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_READ)) throw win_runtime_error();
LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SYSTEM\\CurrentControlSet\\services\\EapHost\\Methods"), 0, KEY_READ, key_methods);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
sprintf(sz, _T("%u\\%u"), EAPMETHOD_AUTHOR_ID, EAPMETHOD_TYPE);
key_methods.delete_subkey(sz.c_str());
} catch(...) {}

4
EventMonitor/ETWLog.cpp
View File

@ -64,8 +64,8 @@ wxEventTraceProcessorThread::wxEventTraceProcessorThread(wxEvtHandler *parent, c
for (size_t i = 0, i_end = sessions.GetCount(); i < i_end; i++) {
// Open trace.
tlf.LoggerName = const_cast<LPTSTR>((LPCTSTR)(sessions[i]));
event_trace trace;
if (!trace.create(&tlf)) {
event_trace trace(OpenTrace(&tlf));
if (!trace) {
wxLogError(_("Error opening event trace (error %u)."), GetLastError());
continue;
}

11
EventMonitor/Frame.cpp
View File

@ -33,14 +33,9 @@ wxEventMonitorFrame::wxEventMonitorFrame(wxWindow* parent, wxWindowID id, const
wxString prod_status_bar;
prod_status_bar.Printf(_("Toggles display of %s records"), wxT(PRODUCT_NAME_STR));
winstd::library lib_comres;
lib_comres.load(_T("comres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE);
winstd::library lib_ieframe;
lib_ieframe.load(_T("ieframe.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE);
winstd::library lib_shell32;
lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE);
winstd::library lib_comres(LoadLibraryEx(_T("comres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
winstd::library lib_ieframe(LoadLibraryEx(_T("ieframe.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
wxSize size_menu(GetSystemMetrics(SM_CXSMICON), GetSystemMetrics(SM_CYSMICON));
wxSize size_tool(size_menu);

7
MsiUseFeature/Main.cpp
View File

@ -40,13 +40,14 @@ static int MsiUseFeature()
if (nArgs > 2) {
reg_key key;
if (!key.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR), 0, KEY_READ)) {
OutputDebugStr(_T("Product registry key cannot be opened (error %u).\n"), GetLastError());
LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR), 0, KEY_READ, key);
if (s != ERROR_SUCCESS) {
OutputDebugStr(_T("Product registry key cannot be opened (error %u).\n"), s);
return 3;
}
wstring lang;
LSTATUS s = RegQueryStringValue(key, _T("Language"), lang);
s = RegQueryStringValue(key, _T("Language"), lang);
if (s != ERROR_SUCCESS) {
OutputDebugStr(_T("Error reading registry value (error %u).\n"), s);
return 3;

13
WLANManager/Main.cpp
View File

@ -53,8 +53,9 @@ static int WLANManager()
// Open WLAN handle.
DWORD dwNegotiatedVersion;
wlan_handle wlan;
if (!wlan.open(WLAN_API_MAKE_VERSION(2, 0), &dwNegotiatedVersion)) {
DisplayError(_T("%s function failed (error %u)."), _T("WlanOpenHandle"), GetLastError());
DWORD dwResult = WlanOpenHandle(WLAN_API_MAKE_VERSION(2, 0), NULL, &dwNegotiatedVersion, wlan);
if (dwResult != ERROR_SUCCESS) {
DisplayError(_T("%s function failed (error %u)."), _T("WlanOpenHandle"), dwResult);
return 2;
} else if (dwNegotiatedVersion < WLAN_API_MAKE_VERSION(2, 0)) {
DisplayError(_T("WlanOpenHandle negotiated unsupported version (expected: %u, negotiated: %u)."), WLAN_API_MAKE_VERSION(2, 0), dwNegotiatedVersion);
@ -65,7 +66,7 @@ static int WLANManager()
{
// Get a list of WLAN interfaces.
WLAN_INTERFACE_INFO_LIST *pInterfaceList;
DWORD dwResult = WlanEnumInterfaces(wlan, NULL, &pInterfaceList);
dwResult = WlanEnumInterfaces(wlan, NULL, &pInterfaceList);
if (dwResult != ERROR_SUCCESS) {
DisplayError(_T("%s function failed (error %u)."), _T("WlanEnumInterfaces"), dwResult);
return 4;
@ -84,7 +85,7 @@ static int WLANManager()
if (!interface_name.empty()) {
// Read the interface name from registry.
reg_key key;
if (key.open(HKEY_LOCAL_MACHINE, tstring_printf(_T("SYSTEM\\CurrentControlSet\\Control\\Network\\%s\\%s\\Connection"), devclass_net.c_str(), tstring_guid(interfaces->InterfaceInfo[i].InterfaceGuid).c_str()).c_str(), 0, KEY_READ)) {
if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, tstring_printf(_T("SYSTEM\\CurrentControlSet\\Control\\Network\\%s\\%s\\Connection"), devclass_net.c_str(), tstring_guid(interfaces->InterfaceInfo[i].InterfaceGuid).c_str()).c_str(), 0, KEY_READ, key) == ERROR_SUCCESS) {
wstring name;
if (RegQueryStringValue(key, _T("Name"), name) == ERROR_SUCCESS && _wcsicmp(interface_name.c_str(), name.c_str()) != 0) {
// Not the interface we are interested in.
@ -97,7 +98,7 @@ static int WLANManager()
{
// Get a list of profiles.
WLAN_PROFILE_INFO_LIST *pProfileList;
DWORD dwResult = WlanGetProfileList(wlan, &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, &pProfileList);
dwResult = WlanGetProfileList(wlan, &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, &pProfileList);
if (dwResult != ERROR_SUCCESS) {
DisplayError(_T("%s function failed (error %u)."), _T("WlanGetProfileList"), dwResult);
return 4;
@ -117,7 +118,7 @@ static int WLANManager()
// Launch WLAN profile config dialog.
WLAN_REASON_CODE wlrc = L2_REASON_CODE_SUCCESS;
#pragma warning(suppress: 6387) // TODO: MSDN nor SAL annotation don't indicate NULL HWND are OK with WlanUIEditProfile().
DWORD dwResult = WlanUIEditProfile(WLAN_UI_API_VERSION, pwcArglist[2], &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, WLSecurityPage, NULL, &wlrc);
dwResult = WlanUIEditProfile(WLAN_UI_API_VERSION, pwcArglist[2], &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, WLSecurityPage, NULL, &wlrc);
if (dwResult != ERROR_SUCCESS) {
// WlanUIEditProfile() displays own error dialog on failure.
//DisplayError(_T("%s function failed (error %u)."), _T("WlanUIEditProfile"), dwResult);

2
lib/EAPBase/include/EAP.h
View File

@ -1264,7 +1264,7 @@ inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ winstd::cert_contex
if (dwCertEncodedSize) {
auto ptr_end = cursor.ptr + dwCertEncodedSize;
assert(ptr_end <= cursor.ptr_end);
val.create(dwCertEncodingType, (BYTE*)cursor.ptr, dwCertEncodedSize);
val = CertCreateCertificateContext(dwCertEncodingType, (BYTE*)cursor.ptr, dwCertEncodedSize);
cursor.ptr = ptr_end;
} else
val.free();

12
lib/EAPBase/include/Module.h
View File

@ -407,7 +407,7 @@ namespace eap
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, s_rsa_key, sizeof(s_rsa_key), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size))
throw winstd::win_runtime_error(__FUNCTION__ " CryptDecodeObjectEx failed.");
if (!key_rsa.import(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0))
if (!CryptImportKey(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0, key_rsa))
throw winstd::win_runtime_error(__FUNCTION__ " Key import failed.");
// Import the 256-bit AES session key.
@ -482,7 +482,7 @@ namespace eap
{
// Create hash.
winstd::crypt_hash hash;
if (!hash.create(hProv, CALG_MD5))
if (!CryptCreateHash(hProv, CALG_MD5, NULL, 0, hash))
throw winstd::win_runtime_error(__FUNCTION__ " Creating MD5 hash failed.");
DWORD dwHashSize;
CryptGetHashParam(hash, HP_HASHSIZE, dwHashSize, 0);
@ -563,7 +563,7 @@ namespace eap
#if EAP_ENCRYPT_BLOBS
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw winstd::win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
// Decrypt data.
@ -592,7 +592,7 @@ namespace eap
#if EAP_ENCRYPT_BLOBS
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw winstd::win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
// Decrypt data.
@ -627,7 +627,7 @@ namespace eap
#if EAP_ENCRYPT_BLOBS
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw winstd::win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
// Encrypt BLOB.
@ -675,7 +675,7 @@ namespace eap
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw winstd::win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
// Encrypt BLOB.

6
lib/EAPBase/src/Credentials.cpp
View File

@ -403,7 +403,7 @@ void eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
// <Password>
@ -459,7 +459,7 @@ void eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot)
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
m_password = m_module.decrypt_str<char_traits<wchar_t>, sanitizing_allocator<wchar_t> >(cp, password_enc.data(), password_enc.size());
@ -473,7 +473,7 @@ void eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot)
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
if (!CryptAcquireContext(cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw win_runtime_error(__FUNCTION__ " CryptAcquireContext failed.");
#pragma warning(suppress: 4996) // Support for backward compatibility.

9
lib/EAPBase/src/Module.cpp
View File

@ -16,12 +16,11 @@ using namespace winstd;
eap::module::module(_In_ eap_type_t eap_method) :
m_eap_method(eap_method),
m_instance(NULL)
m_instance(NULL),
m_heap(HeapCreate(0, 0, 0))
{
m_ep.create(&EAPMETHOD_TRACE_EVENT_PROVIDER);
m_ep.write(&EAPMETHOD_TRACE_EVT_MODULE_LOAD, event_data((unsigned int)m_eap_method), blank_event_data);
m_heap.create(0, 0, 0);
}
@ -186,7 +185,7 @@ std::vector<unsigned char> eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytec
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, s_rsa_key, sizeof(s_rsa_key), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size))
throw winstd::win_runtime_error(__FUNCTION__ " CryptDecodeObjectEx failed.");
if (!key_rsa.import(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0))
if (!CryptImportKey(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0, key_rsa))
throw winstd::win_runtime_error(__FUNCTION__ " Key import failed.");
// Export AES session key encrypted with public RSA key.
@ -215,7 +214,7 @@ std::vector<unsigned char> eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_b
{
// Create hash.
crypt_hash hash;
if (!hash.create(hProv, CALG_MD5))
if (!CryptCreateHash(hProv, CALG_MD5, NULL, 0, hash))
throw win_runtime_error(__FUNCTION__ " Creating MD5 hash failed.");
// Encrypt data.

14
lib/EAPBase_UI/include/EAP_UI.h
View File

@ -744,8 +744,8 @@ public:
m_sb_credentials->GetStaticBox()->SetLabel(method.empty() ? wxString::Format(_("%s User Credentials"), cfg.get_method_str()) : method);
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(/*16770*/269)));
}
@ -1032,8 +1032,8 @@ public:
wxEAPCredentialsPanel<_Tcred, _Tbase>(prov, cfg, cred, parent, is_config)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(/*16770*/269)));
bool layout = false;
@ -1110,9 +1110,9 @@ public:
wxIdentityCredentialsPanel<_Tcred, _Tbase>(prov, cfg, cred, parent, is_config)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("imageres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(82)));
winstd::library lib_imageres(LoadLibraryEx(_T("imageres.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_imageres)
m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_imageres, MAKEINTRESOURCE(82)));
if (!m_prov.m_lbl_alt_password.empty()) {
m_password_label->SetLabel(m_prov.m_lbl_alt_password);

24
lib/EAPBase_UI/src/EAP_UI.cpp
View File

@ -182,8 +182,8 @@ void wxEAPNotePanel::CreateContactFields(const eap::config_provider &prov)
wxEAPProviderLockedPanel::wxEAPProviderLockedPanel(const eap::config_provider &prov, wxWindow* parent) : wxEAPNotePanel(parent)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_note_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(48)));
m_note_label->SetLabel(wxString::Format(_("%s has pre-set parts of this configuration. Those parts are locked to prevent accidental modification."),
@ -203,8 +203,8 @@ wxEAPProviderLockedPanel::wxEAPProviderLockedPanel(const eap::config_provider &p
wxEAPCredentialWarningPanel::wxEAPCredentialWarningPanel(const eap::config_provider &prov, eap::config_method::status_t status, wxWindow* parent) : wxEAPNotePanel(parent)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_note_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(161)));
m_note_label->SetLabel((
@ -285,8 +285,8 @@ wxEAPProviderContactInfoPanel::wxEAPProviderContactInfoPanel(eap::config_provide
wxEAPProviderContactInfoPanelBase(parent)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_provider_contact_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(259)));
}
@ -328,8 +328,8 @@ wxEAPProviderIDPanel::wxEAPProviderIDPanel(eap::config_provider &prov, wxWindow*
wxEAPProviderIDPanelBase(parent)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_provider_id_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(29)));
}
@ -367,8 +367,8 @@ wxEAPProviderLockPanel::wxEAPProviderLockPanel(eap::config_provider &prov, wxWin
wxEAPProviderLockPanelBase(parent)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_provider_lock_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(1003)));
}
@ -465,8 +465,8 @@ wxEAPIdentityConfigPanel::wxEAPIdentityConfigPanel(const eap::config_provider &p
wxEAPIdentityConfigPanelBase(parent)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_identity_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(265)));
}

4
lib/EAPBase_UI/src/Module.cpp
View File

@ -171,8 +171,8 @@ void eap::monitor_ui::release_slaves(_In_bytecount_(size) const void *data, _In_
GetWindowThreadProcessId(*slave, &pid_slave);
// Get slave's process handle.
process proc_slave;
if (!proc_slave.open(PROCESS_VM_OPERATION | PROCESS_VM_WRITE, 0, pid_slave))
process proc_slave(OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE, 0, pid_slave));
if (!proc_slave)
continue;
// Allocate memory in slave's virtual memory space and save data to it.

4
lib/EapHost_UI/src/EapHost_UI.cpp
View File

@ -31,8 +31,8 @@ wxEapHostMethodConfigPanel::wxEapHostMethodConfigPanel(const eap::config_provide
UNREFERENCED_PARAMETER(prov);
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_method_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(175)));
winstd::eap_method_info_array methods;

30
lib/Events/src/Register.cpp
View File

@ -65,9 +65,11 @@ STDAPI DllRegisterServer()
// Register event channels.
reg_key key_channels, key_channels_operational, key_channels_analytic;
if (!key_channels.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Channels"), 0, KEY_CREATE_SUB_KEY)) throw win_runtime_error();
LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Channels"), 0, KEY_CREATE_SUB_KEY, key_channels);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
sprintf(sz, _T("%s/Operational"), event_provider_name.c_str());
if (!key_channels_operational.create(key_channels, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegCreateKeyEx(key_channels, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channels_operational, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
set_value(key_channels_operational, _T("OwningPublisher") , event_provider_guid);
set_value(key_channels_operational, _T("Enabled") , (DWORD)0);
set_value(key_channels_operational, _T("Isolation") , (DWORD)0);
@ -78,7 +80,8 @@ STDAPI DllRegisterServer()
set_value(key_channels_operational, _T("AutoBackupLogFiles"), (DWORD)0);
set_value(key_channels_operational, _T("Type") , (DWORD)1);
sprintf(sz, _T("%s/Analytic"), event_provider_name.c_str());
if (!key_channels_analytic.create(key_channels, sz.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegCreateKeyEx(key_channels, sz.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channels_analytic, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
set_value(key_channels_analytic, _T("OwningPublisher"), event_provider_guid);
set_value(key_channels_analytic, _T("Enabled") , (DWORD)0);
set_value(key_channels_analytic, _T("Isolation") , (DWORD)0);
@ -90,8 +93,10 @@ STDAPI DllRegisterServer()
// Register event publishers.
reg_key key_publishers, key_event_source;
if (!key_publishers.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Publishers"), 0, KEY_CREATE_SUB_KEY)) throw win_runtime_error();
if (!key_event_source.create(key_publishers, event_provider_guid.c_str(), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Publishers"), 0, KEY_CREATE_SUB_KEY, key_publishers);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
s = RegCreateKeyEx(key_publishers, event_provider_guid.c_str(), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_event_source, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
set_value(key_event_source, NULL , event_provider_name);
if (!GetModuleFileName(g_hInstance, sz)) throw win_runtime_error("GetModuleFileName failed.");
set_value(key_event_source, _T("MessageFileName") , sz);
@ -100,13 +105,16 @@ STDAPI DllRegisterServer()
// Bind channels and publishers.
reg_key key_channel_refs, key_channel_refs_operational, key_channel_refs_analytic;
if (!key_channel_refs.create(key_event_source, _T("ChannelReferences"), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
if (!key_channel_refs_operational.create(key_channel_refs, _T("0"), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegCreateKeyEx(key_event_source, _T("ChannelReferences"), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channel_refs, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
s = RegCreateKeyEx(key_channel_refs, _T("0"), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channel_refs_operational, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
sprintf(sz, _T("%s/Operational"), event_provider_name.c_str());
set_value(key_channel_refs_operational, NULL , sz);
set_value(key_channel_refs_operational, _T("Id") , (DWORD)16);
set_value(key_channel_refs_operational, _T("Flags"), (DWORD)0);
if (!key_channel_refs_analytic.create(key_channel_refs, _T("1"), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) throw win_runtime_error();
s = RegCreateKeyEx(key_channel_refs, _T("1"), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key_channel_refs_analytic, NULL);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
sprintf(sz, _T("%s/Analytic"), event_provider_name.c_str());
set_value(key_channel_refs_analytic, NULL , sz);
set_value(key_channel_refs_analytic, _T("Id") , (DWORD)17);
@ -134,14 +142,16 @@ STDAPI DllUnregisterServer()
// Unregister event publishers.
try {
reg_key key_publishers;
if (!key_publishers.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Publishers"), 0, KEY_READ)) throw win_runtime_error();
LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Publishers"), 0, KEY_READ, key_publishers);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
key_publishers.delete_subkey(tstring_guid(EAPMETHOD_TRACE_EVENT_PROVIDER).c_str());
} catch(...) {}
// Unregister event channels.
try {
reg_key key_channels;
if (!key_channels.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Channels"), 0, KEY_READ)) throw win_runtime_error();
LSTATUS s = RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WINEVT\\Channels"), 0, KEY_READ, key_channels);
if (s != ERROR_SUCCESS) throw win_runtime_error(s);
key_channels.delete_subkey(_T(VENDOR_NAME_STR) _T("-") _T(PRODUCT_NAME_STR) _T("-EAPMethod/Operational"));
key_channels.delete_subkey(_T(VENDOR_NAME_STR) _T("-") _T(PRODUCT_NAME_STR) _T("-EAPMethod/Analytic"));
} catch(...) {}

4
lib/GTC_UI/src/GTC_UI.cpp
View File

@ -115,8 +115,8 @@ wxGTCResponsePanel::wxGTCResponsePanel(winstd::sanitizing_wstring &response, con
m_response_value(response)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_shell32)
m_response_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(24)));
// Set challenge label.

12
lib/MSCHAPv2/src/MSCHAPv2.cpp
View File

@ -56,7 +56,7 @@ crypt_key eap::create_des_key(_In_ HCRYPTPROV cp, _In_count_(size) const unsigne
// Import key.
crypt_key k;
if (!k.import(cp, key_blob.data(), (DWORD)key_blob.size(), NULL, 0))
if (!CryptImportKey(cp, key_blob.data(), (DWORD)key_blob.size(), NULL, 0, k))
throw winstd::win_runtime_error(__FUNCTION__ " Error importing key 1/3.");
return k;
}
@ -90,7 +90,7 @@ eap::challenge_hash::challenge_hash(
_In_z_ const char *username)
{
crypt_hash hash;
if (!hash.create(cp, CALG_SHA))
if (!CryptCreateHash(cp, CALG_SHA, NULL, 0, hash))
throw win_runtime_error(__FUNCTION__ " Creating SHA hash failed.");
if (!CryptHashData(hash, (const BYTE*)&challenge_client , (DWORD)sizeof(challenge_client), 0) ||
!CryptHashData(hash, challenge_server.data(), (DWORD)challenge_server.size() , 0) ||
@ -135,7 +135,7 @@ eap::nt_password_hash::nt_password_hash(
_In_z_ const wchar_t *password)
{
crypt_hash hash;
if (!hash.create(cp, CALG_MD4))
if (!CryptCreateHash(cp, CALG_MD4, NULL, 0, hash))
throw win_runtime_error(__FUNCTION__ " Creating MD4 hash failed.");
if (!CryptHashData(hash, (const BYTE*)password, (DWORD)(wcslen(password) * sizeof(wchar_t)), 0))
throw win_runtime_error(__FUNCTION__ " Error hashing data.");
@ -150,7 +150,7 @@ eap::nt_password_hash::nt_password_hash(
_In_ const nt_password_hash &pwd_hash)
{
crypt_hash hash;
if (!hash.create(cp, CALG_MD4))
if (!CryptCreateHash(cp, CALG_MD4, NULL, 0, hash))
throw win_runtime_error(__FUNCTION__ " Creating MD4 hash failed.");
if (!CryptHashData(hash, (const BYTE*)&pwd_hash, (DWORD)sizeof(pwd_hash), 0))
throw win_runtime_error(__FUNCTION__ " Error hashing data.");
@ -271,7 +271,7 @@ eap::authenticator_response::authenticator_response(
nt_password_hash hash_hash_pwd(cp, nt_password_hash(cp, password));
crypt_hash hash;
if (!hash.create(cp, CALG_SHA))
if (!CryptCreateHash(cp, CALG_SHA, NULL, 0, hash))
throw win_runtime_error(__FUNCTION__ " Creating SHA hash failed.");
if (!CryptHashData(hash, (const BYTE*)&hash_hash_pwd, (DWORD)sizeof(hash_hash_pwd), 0) ||
!CryptHashData(hash, (const BYTE*)&nt_resp , (DWORD)sizeof(nt_resp ), 0) ||
@ -291,7 +291,7 @@ eap::authenticator_response::authenticator_response(
};
challenge_hash challenge(cp, challenge_server, challenge_client, username);
if (!hash.create(cp, CALG_SHA))
if (!CryptCreateHash(cp, CALG_SHA, NULL, 0, hash))
throw win_runtime_error(__FUNCTION__ " Creating SHA hash failed.");
if (!CryptHashData(hash, hash_val , size_hash_val , 0) ||
!CryptHashData(hash, (const BYTE*)&challenge, (DWORD)sizeof(challenge), 0) ||

2
lib/MSCHAPv2/src/Method.cpp
View File

@ -38,7 +38,7 @@ void eap::method_mschapv2_base::begin_session(
m_cfg.m_last_msg.clear();
// Create cryptographics provider for support needs (client challenge ...).
if (!m_cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
if (!CryptAcquireContext(m_cp, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
throw win_runtime_error(__FUNCTION__ " Error creating cryptographics provider.");
}

4
lib/TLS/include/Module.h
View File

@ -96,8 +96,8 @@ namespace eap
public:
module &m_module; ///< Module
winstd::win_handle<NULL> m_thread; ///< Thread
winstd::win_handle<NULL> m_abort; ///< Thread abort event
winstd::thread m_thread; ///< Thread
winstd::event m_abort; ///< Thread abort event
winstd::cert_context m_cert; ///< Server certificate
};

4
lib/TLS/src/Config.cpp
View File

@ -242,8 +242,8 @@ eap::credentials* eap::config_method_tls::make_credentials() const
bool eap::config_method_tls::add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ LPCBYTE pbCertEncoded, _In_ DWORD cbCertEncoded)
{
cert_context cert;
if (!cert.create(dwCertEncodingType, pbCertEncoded, cbCertEncoded)) {
cert_context cert(CertCreateCertificateContext(dwCertEncodingType, pbCertEncoded, cbCertEncoded));
if (!cert) {
// Invalid or unsupported certificate.
return false;
}

6
lib/TLS/src/Credentials.cpp
View File

@ -205,9 +205,9 @@ std::wstring eap::credentials_tls::get_identity() const
return m_identity;
} else if (!m_cert_hash.empty()) {
// Find certificate in the store.
winstd::cert_store store;
vector<unsigned char> hash;
if (store.create(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))) {
winstd::cert_store store(CertOpenStore(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My")));
if (!!store) {
vector<unsigned char> hash;
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(store, cert)) != NULL;) {
if (CertGetCertificateContextProperty(cert, CERT_HASH_PROP_ID, hash) &&
hash == m_cert_hash)

11
lib/TLS/src/Method.cpp
View File

@ -195,7 +195,8 @@ void eap::method_tls::begin_session(
#endif
}
if (!m_store.create(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My")))
m_store = CertOpenStore(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"));
if (!m_store)
throw win_runtime_error(__FUNCTION__ " CertOpenStore failed.");
// Prepare client credentials for Schannel.
@ -372,7 +373,7 @@ EapPeerMethodResponseAction eap::method_tls::process_request_packet(
// Verify cached CRL (entire chain).
reg_key key;
if (key.open(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR) _T("\\TLSCRL"), 0, KEY_READ)) {
if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR) _T("\\TLSCRL"), 0, KEY_READ, key) == ERROR_SUCCESS) {
wstring hash_unicode;
vector<unsigned char> hash, subj;
for (cert_context c(m_sc_cert); c;) {
@ -731,8 +732,8 @@ void eap::method_tls::verify_server_trust() const
throw sec_runtime_error(SEC_E_CERT_UNKNOWN, __FUNCTION__ " Server is using a self-signed certificate. Cannot trust it.");
// Create temporary certificate store of our trusted root CAs.
cert_store store;
if (!store.create(CERT_STORE_PROV_MEMORY, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, 0, NULL))
cert_store store(CertOpenStore(CERT_STORE_PROV_MEMORY, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, 0, NULL));
if (!store)
throw win_runtime_error(__FUNCTION__ " Error creating temporary certificate store.");
for (auto c = m_cfg.m_trusted_root_ca.cbegin(), c_end = m_cfg.m_trusted_root_ca.cend(); c != c_end; ++c)
CertAddCertificateContextToStore(store, *c, CERT_STORE_ADD_REPLACE_EXISTING, NULL);
@ -770,7 +771,7 @@ void eap::method_tls::verify_server_trust() const
#endif
};
cert_chain_context context;
if (!context.create(NULL, m_sc_cert, NULL, store, &chain_params, 0))
if (!CertGetCertificateChain(NULL, m_sc_cert, NULL, store, &chain_params, 0, NULL, context))
throw win_runtime_error(__FUNCTION__ " Error creating certificate chain context.");
// Check chain validation error flags. Ignore CERT_TRUST_IS_UNTRUSTED_ROOT flag since we check root CA explicitly.

2
lib/TLS/src/Module.cpp
View File

@ -202,7 +202,7 @@ DWORD WINAPI eap::peer_tls_base::crl_checker::verify(_In_ crl_checker *obj)
// One of the certificates in the chain was revoked as compromised. Black-list it.
obj->m_module.log_event(&EAPMETHOD_TLS_SERVER_CERT_REVOKED, event_data((unsigned int)obj->m_module.m_eap_method), event_data(subj), event_data(status_rev.dwReason), blank_event_data);
reg_key key;
if (key.create(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR) _T("\\TLSCRL"), NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE)) {
if (RegCreateKeyEx(HKEY_LOCAL_MACHINE, _T("SOFTWARE\\") _T(VENDOR_NAME_STR) _T("\\") _T(PRODUCT_NAME_STR) _T("\\TLSCRL"), NULL, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, key, NULL) == ERROR_SUCCESS) {
vector<unsigned char> hash;
if (CertGetCertificateContextProperty(cert, CERT_HASH_PROP_ID, hash)) {
wstring hash_unicode;

22
lib/TLS_UI/src/TLS_UI.cpp
View File

@ -118,13 +118,13 @@ wxTLSCredentialsPanel::wxTLSCredentialsPanel(const eap::config_provider &prov, c
wxEAPCredentialsPanel<eap::credentials_tls, wxTLSCredentialsPanelBase>(prov, cfg, cred, parent, is_config)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(6170)));
winstd::library lib_certmgr(LoadLibraryEx(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_certmgr)
m_credentials_icon->SetIcon(wxLoadIconFromResource(lib_certmgr, MAKEINTRESOURCE(6170)));
// Populate certificate list.
winstd::cert_store store;
if (store.create(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))) {
winstd::cert_store store(CertOpenStore(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My")));
if (!!store) {
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(store, cert)) != NULL;) {
DWORD dwKeySpec = 0, dwSize = sizeof(dwKeySpec);
if (!CertGetCertificateContextProperty(cert, CERT_KEY_SPEC_PROP_ID, &dwKeySpec, &dwSize) || !dwKeySpec) {
@ -202,8 +202,8 @@ wxTLSServerTrustPanel::wxTLSServerTrustPanel(const eap::config_provider &prov, e
wxTLSServerTrustPanelBase(parent)
{
// Load and set icon.
winstd::library lib_certmgr;
if (lib_certmgr.load(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
winstd::library lib_certmgr(LoadLibraryEx(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
if (!!lib_certmgr)
m_server_trust_icon->SetIcon(wxLoadIconFromResource(lib_certmgr, MAKEINTRESOURCE(379)));
// Do not use cfg.m_server_names directly, so we can decide not to store the value in case of provider-locked configuration.
@ -294,8 +294,8 @@ void wxTLSServerTrustPanel::OnRootCAAddStore(wxCommandEvent& event)
{
wxTLSServerTrustPanelBase::OnRootCAAddStore(event);
winstd::cert_store store;
if (store.create(NULL, _T("ROOT"))) {
winstd::cert_store store(CertOpenSystemStore(NULL, _T("ROOT")));
if (!!store) {
winstd::cert_context cert;
#pragma warning(suppress: 6387) // The pvReserved parameter is annotated as _In_
cert.attach(CryptUIDlgSelectCertificateFromStore(store, this->GetHWND(), NULL, NULL, 0, 0, NULL));
@ -323,8 +323,8 @@ void wxTLSServerTrustPanel::OnRootCAAddFile(wxCommandEvent& event)
open_dialog.GetPaths(paths);
for (size_t i = 0, i_end = paths.GetCount(); i < i_end; i++) {
// Load certificate(s) from file.
winstd::cert_store cs;
if (cs.create(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, static_cast<LPCTSTR>(paths[i]))) {
winstd::cert_store cs(CertOpenStore(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, static_cast<LPCTSTR>(paths[i])));
if (!!cs) {
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(cs, cert)) != NULL;)
AddRootCA(cert);
} else

2
lib/WinStd

@ -1 +1 @@
Subproject commit 328646b2d9d7100afe9d2d0a25e2c656241bb25b
Subproject commit ad76305ce9448249ab665bfca644a32600457e54