Amebis/GEANTLink
Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Common members from config_method_with_cred moved to parent config_method

Browse Source
This commit is contained in:
Simon Rozman 2016-09-29 11:23:22 +02:00
parent cbf7a7ff1f
commit b6adb2a850
13 changed files with 251 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
lib/EAPBase/include/Config.h
View File

@ -201,6 +201,25 @@ namespace eap
class config_method : public config class config_method : public config
{ {
public:
///
/// Authentication attempt status
///
enum status_t {
status_success = 0, ///< Authentication succeeded
status_auth_failed, ///< Authentication failed
status_cred_invalid, ///< Invalid credentials
status_cred_expired, ///< Credentials expired
status_cred_changing, ///< Credentials are being changed
status_account_disabled, ///< Account is disabled
status_account_logon_hours, ///< Restricted account logon hours
status_account_denied, ///< Account access is denied
// Meta statuses
status_cred_begin = status_cred_invalid, ///< First credential related problem
status_cred_end = status_cred_changing + 1, ///< First problem, that is not credential related any more
};
public: public:
/// ///
/// Constructs configuration /// Constructs configuration
@ -242,6 +261,52 @@ namespace eap
/// ///
config_method& operator=(_Inout_ config_method &&other); config_method& operator=(_Inout_ config_method &&other);
/// \name XML configuration management
/// @{
///
/// Save to XML document
///
/// \param[in] pDoc XML document
/// \param[in] pConfigRoot Suggested root element for saving
///
virtual void save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const;
///
/// Load from XML document
///
/// \param[in] pConfigRoot Root element for loading
///
virtual void load(_In_ IXMLDOMNode *pConfigRoot);
/// @}
/// \name BLOB management
/// @{
///
/// Packs a configuration
///
/// \param[inout] cursor Memory cursor
///
virtual void operator<<(_Inout_ cursor_out &cursor) const;
///
/// Returns packed size of a configuration
///
/// \returns Size of data when packed (in bytes)
///
virtual size_t get_pk_size() const;
///
/// Unpacks a configuration
///
/// \param[inout] cursor Memory cursor
///
virtual void operator>>(_Inout_ cursor_in &cursor);
/// @}
/// ///
/// Returns EAP method type of this configuration /// Returns EAP method type of this configuration
/// ///
@ -256,6 +321,9 @@ namespace eap
public: public:
const unsigned int m_level; ///< Config level (0=outer, 1=inner, 2=inner-inner...) const unsigned int m_level; ///< Config level (0=outer, 1=inner, 2=inner-inner...)
bool m_allow_save; ///< Are credentials allowed to be saved to Windows Credential Manager?
status_t m_last_status; ///< Status of authentication the last time
std::wstring m_last_msg; ///< Server message at the last authentication
}; };
@ -264,25 +332,6 @@ namespace eap
class config_method_with_cred : public config_method class config_method_with_cred : public config_method
{ {
public:
///
/// Authentication attempt status
///
enum status_t {
status_success = 0, ///< Authentication succeeded
status_auth_failed, ///< Authentication failed
status_cred_invalid, ///< Invalid credentials
status_cred_expired, ///< Credentials expired
status_cred_changing, ///< Credentials are being changed
status_account_disabled, ///< Account is disabled
status_account_logon_hours, ///< Restricted account logon hours
status_account_denied, ///< Account access is denied
// Meta statuses
status_cred_begin = status_cred_invalid, ///< First credential related problem
status_cred_end = status_cred_changing + 1, ///< First problem, that is not credential related any more
};
public: public:
/// ///
/// Constructs configuration /// Constructs configuration
@ -376,11 +425,8 @@ namespace eap
virtual credentials* make_credentials() const = 0; virtual credentials* make_credentials() const = 0;
public: public:
bool m_allow_save; ///< Are credentials allowed to be saved to Windows Credential Manager? bool m_use_cred; ///< Use configured credentials
bool m_use_cred; ///< Use configured credentials std::unique_ptr<credentials> m_cred; ///< Configured credentials
std::unique_ptr<credentials> m_cred; ///< Configured credentials
status_t m_last_status; ///< Status of authentication the last time
std::wstring m_last_msg; ///< Server message at the last authentication
}; };
@ -631,19 +677,19 @@ inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ eap::config &val)
} }
inline void operator<<(_Inout_ eap::cursor_out &cursor, _In_ const eap::config_method_with_cred::status_t &val) inline void operator<<(_Inout_ eap::cursor_out &cursor, _In_ const eap::config_method::status_t &val)
{ {
cursor << (unsigned char)val; cursor << (unsigned char)val;
} }
inline size_t pksizeof(_In_ const eap::config_method_with_cred::status_t &val) inline size_t pksizeof(_In_ const eap::config_method::status_t &val)
{ {
return pksizeof((unsigned char)val); return pksizeof((unsigned char)val);
} }
inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ eap::config_method_with_cred::status_t &val) inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ eap::config_method::status_t &val)
{ {
cursor >> (unsigned char&)val; cursor >> (unsigned char&)val;
} }

6
lib/EAPBase/include/Method.h
View File

@ -61,7 +61,7 @@ namespace eap
/// \param[in] cfg Method configuration /// \param[in] cfg Method configuration
/// \param[in] cred User credentials /// \param[in] cred User credentials
/// ///
method(_In_ module &module, _In_ config_method_with_cred &cfg, _In_ credentials &cred); method(_In_ module &module, _In_ config_method &cfg, _In_ credentials &cred);
/// ///
/// Moves an EAP method /// Moves an EAP method
@ -132,7 +132,7 @@ namespace eap
public: public:
module &m_module; ///< EAP module module &m_module; ///< EAP module
config_method_with_cred &m_cfg; ///< Connection configuration config_method &m_cfg; ///< Connection configuration
credentials &m_cred; ///< User credentials credentials &m_cred; ///< User credentials
std::vector<winstd::eap_attr> m_eap_attr; ///< EAP attributes std::vector<winstd::eap_attr> m_eap_attr; ///< EAP attributes
}; };
@ -150,7 +150,7 @@ namespace eap
/// \param[in] cfg Method configuration /// \param[in] cfg Method configuration
/// \param[in] cred User credentials /// \param[in] cred User credentials
/// ///
method_noneap(_In_ module &module, _In_ config_method_with_cred &cfg, _In_ credentials &cred); method_noneap(_In_ module &module, _In_ config_method &cfg, _In_ credentials &cred);
/// ///
/// Moves an EAP method /// Moves an EAP method

241
lib/EAPBase/src/Config.cpp
View File

@ -103,22 +103,30 @@ const bstr eap::config::namespace_eapmetadata(L"urn:ietf:params:xml:ns:yang:ietf
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
eap::config_method::config_method(_In_ module &mod, _In_ unsigned int level) : eap::config_method::config_method(_In_ module &mod, _In_ unsigned int level) :
m_level(level), m_level (level),
config(mod) m_allow_save (true),
m_last_status(status_success),
config (mod)
{ {
} }
eap::config_method::config_method(_In_ const config_method &other) : eap::config_method::config_method(_In_ const config_method &other) :
m_level(other.m_level), m_level (other.m_level ),
config(other) m_allow_save (other.m_allow_save ),
m_last_status(other.m_last_status),
m_last_msg (other.m_last_msg ),
config (other )
{ {
} }
eap::config_method::config_method(_Inout_ config_method &&other) : eap::config_method::config_method(_Inout_ config_method &&other) :
m_level(other.m_level), m_level (std::move(other.m_level )),
config(std::move(other)) m_allow_save (std::move(other.m_allow_save )),
m_last_status(std::move(other.m_last_status)),
m_last_msg (std::move(other.m_last_msg )),
config (std::move(other ))
{ {
} }
@ -128,6 +136,9 @@ eap::config_method& eap::config_method::operator=(_In_ const config_method &othe
if (this != &other) { if (this != &other) {
assert(m_level == other.m_level); // Allow copy within same configuration level only. assert(m_level == other.m_level); // Allow copy within same configuration level only.
(config&)*this = other; (config&)*this = other;
m_allow_save = other.m_allow_save;
m_last_status = other.m_last_status;
m_last_msg = other.m_last_msg;
} }
return *this; return *this;
@ -138,83 +149,23 @@ eap::config_method& eap::config_method::operator=(_Inout_ config_method &&other)
{ {
if (this != &other) { if (this != &other) {
assert(m_level == other.m_level); // Allow move within same configuration level only. assert(m_level == other.m_level); // Allow move within same configuration level only.
(config&&)*this = std::move(other); (config&&)*this = std::move(other );
m_allow_save = std::move(other.m_allow_save );
m_last_status = std::move(other.m_last_status);
m_last_msg = std::move(other.m_last_msg );
} }
return *this; return *this;
} }
////////////////////////////////////////////////////////////////////// void eap::config_method::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
// eap::config_method_with_cred
//////////////////////////////////////////////////////////////////////
eap::config_method_with_cred::config_method_with_cred(_In_ module &mod, _In_ unsigned int level) :
m_allow_save (true),
m_use_cred (false),
m_last_status(status_success),
config_method(mod, level)
{
}
eap::config_method_with_cred::config_method_with_cred(_In_ const config_method_with_cred &other) :
m_allow_save (other.m_allow_save ),
m_use_cred (other.m_use_cred ),
m_cred (other.m_cred ? (credentials*)other.m_cred->clone() : nullptr),
m_last_status(other.m_last_status ),
m_last_msg (other.m_last_msg ),
config_method(other )
{
}
eap::config_method_with_cred::config_method_with_cred(_Inout_ config_method_with_cred &&other) :
m_allow_save (std::move(other.m_allow_save )),
m_use_cred (std::move(other.m_use_cred )),
m_cred (std::move(other.m_cred )),
m_last_status(std::move(other.m_last_status)),
m_last_msg (std::move(other.m_last_msg )),
config_method(std::move(other ))
{
}
eap::config_method_with_cred& eap::config_method_with_cred::operator=(_In_ const config_method_with_cred &other)
{
if (this != &other) {
(config_method&)*this = other;
m_allow_save = other.m_allow_save;
m_use_cred = other.m_use_cred;
m_cred.reset(other.m_cred ? (credentials*)other.m_cred->clone() : nullptr);
m_last_status = other.m_last_status;
m_last_msg = other.m_last_msg;
}
return *this;
}
eap::config_method_with_cred& eap::config_method_with_cred::operator=(_Inout_ config_method_with_cred &&other)
{
if (this != &other) {
(config_method&)*this = std::move(other );
m_allow_save = std::move(other.m_allow_save );
m_use_cred = std::move(other.m_use_cred );
m_cred = std::move(other.m_cred );
m_last_status = std::move(other.m_last_status);
m_last_msg = std::move(other.m_last_msg );
}
return *this;
}
void eap::config_method_with_cred::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
{ {
assert(pDoc); assert(pDoc);
assert(pConfigRoot); assert(pConfigRoot);
config::save(pDoc, pConfigRoot);
HRESULT hr; HRESULT hr;
// <ClientSideCredential> // <ClientSideCredential>
@ -225,19 +176,16 @@ void eap::config_method_with_cred::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOM
// <ClientSideCredential>/<allow-save> // <ClientSideCredential>/<allow-save>
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"allow-save"), namespace_eapmetadata, m_allow_save))) if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"allow-save"), namespace_eapmetadata, m_allow_save)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <allow-save> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <allow-save> element.");
if (m_use_cred)
m_cred->save(pDoc, pXmlElClientSideCredential);
} }
void eap::config_method_with_cred::load(_In_ IXMLDOMNode *pConfigRoot) void eap::config_method::load(_In_ IXMLDOMNode *pConfigRoot)
{ {
assert(pConfigRoot); assert(pConfigRoot);
config::load(pConfigRoot);
m_allow_save = true; m_allow_save = true;
m_use_cred = false;
m_cred->clear();
// <ClientSideCredential> // <ClientSideCredential>
winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential; winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential;
@ -247,6 +195,125 @@ void eap::config_method_with_cred::load(_In_ IXMLDOMNode *pConfigRoot)
// <allow-save> // <allow-save>
eapxml::get_element_value(pXmlElClientSideCredential, winstd::bstr(L"eap-metadata:allow-save"), m_allow_save); eapxml::get_element_value(pXmlElClientSideCredential, winstd::bstr(L"eap-metadata:allow-save"), m_allow_save);
m_module.log_config((xpath + L"/allow-save").c_str(), m_allow_save); m_module.log_config((xpath + L"/allow-save").c_str(), m_allow_save);
}
m_last_status = status_success;
m_last_msg.clear();
}
void eap::config_method::operator<<(_Inout_ cursor_out &cursor) const
{
config::operator<<(cursor);
cursor << m_allow_save;
cursor << m_last_status;
cursor << m_last_msg;
}
size_t eap::config_method::get_pk_size() const
{
return
config::get_pk_size() +
pksizeof(m_allow_save ) +
pksizeof(m_last_status) +
pksizeof(m_last_msg );
}
void eap::config_method::operator>>(_Inout_ cursor_in &cursor)
{
config::operator>>(cursor);
cursor >> m_allow_save;
cursor >> m_last_status;
cursor >> m_last_msg;
}
//////////////////////////////////////////////////////////////////////
// eap::config_method_with_cred
//////////////////////////////////////////////////////////////////////
eap::config_method_with_cred::config_method_with_cred(_In_ module &mod, _In_ unsigned int level) :
m_use_cred (false),
config_method(mod, level)
{
}
eap::config_method_with_cred::config_method_with_cred(_In_ const config_method_with_cred &other) :
m_use_cred (other.m_use_cred ),
m_cred (other.m_cred ? (credentials*)other.m_cred->clone() : nullptr),
config_method(other )
{
}
eap::config_method_with_cred::config_method_with_cred(_Inout_ config_method_with_cred &&other) :
m_use_cred (std::move(other.m_use_cred)),
m_cred (std::move(other.m_cred )),
config_method(std::move(other ))
{
}
eap::config_method_with_cred& eap::config_method_with_cred::operator=(_In_ const config_method_with_cred &other)
{
if (this != &other) {
(config_method&)*this = other;
m_use_cred = other.m_use_cred;
m_cred.reset(other.m_cred ? (credentials*)other.m_cred->clone() : nullptr);
}
return *this;
}
eap::config_method_with_cred& eap::config_method_with_cred::operator=(_Inout_ config_method_with_cred &&other)
{
if (this != &other) {
(config_method&)*this = std::move(other );
m_use_cred = std::move(other.m_use_cred);
m_cred = std::move(other.m_cred );
}
return *this;
}
void eap::config_method_with_cred::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
{
assert(pDoc);
assert(pConfigRoot);
config_method::save(pDoc, pConfigRoot);
HRESULT hr;
if (m_use_cred) {
// <ClientSideCredential>
winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), winstd::bstr(L"ClientSideCredential"), namespace_eapmetadata, pXmlElClientSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ClientSideCredential> element.");
m_cred->save(pDoc, pXmlElClientSideCredential);
}
}
void eap::config_method_with_cred::load(_In_ IXMLDOMNode *pConfigRoot)
{
assert(pConfigRoot);
config_method::load(pConfigRoot);
m_use_cred = false;
m_cred->clear();
// <ClientSideCredential>
winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if (SUCCEEDED(eapxml::select_element(pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), pXmlElClientSideCredential))) {
std::wstring xpath(eapxml::get_xpath(pXmlElClientSideCredential));
try { try {
m_cred->load(pXmlElClientSideCredential); m_cred->load(pXmlElClientSideCredential);
@ -255,20 +322,14 @@ void eap::config_method_with_cred::load(_In_ IXMLDOMNode *pConfigRoot)
// This is not really an error - merely an indication configured credentials are unavailable. // This is not really an error - merely an indication configured credentials are unavailable.
} }
} }
m_last_status = status_success;
m_last_msg.clear();
} }
void eap::config_method_with_cred::operator<<(_Inout_ cursor_out &cursor) const void eap::config_method_with_cred::operator<<(_Inout_ cursor_out &cursor) const
{ {
config_method::operator<<(cursor); config_method::operator<<(cursor);
cursor << m_allow_save;
cursor << m_use_cred; cursor << m_use_cred;
cursor << *m_cred; cursor << *m_cred;
cursor << m_last_status;
cursor << m_last_msg;
} }
@ -276,22 +337,16 @@ size_t eap::config_method_with_cred::get_pk_size() const
{ {
return return
config_method::get_pk_size() + config_method::get_pk_size() +
pksizeof(m_allow_save ) + pksizeof(m_use_cred) +
pksizeof(m_use_cred ) + pksizeof(*m_cred );
pksizeof(*m_cred ) +
pksizeof(m_last_status) +
pksizeof(m_last_msg );
} }
void eap::config_method_with_cred::operator>>(_Inout_ cursor_in &cursor) void eap::config_method_with_cred::operator>>(_Inout_ cursor_in &cursor)
{ {
config_method::operator>>(cursor); config_method::operator>>(cursor);
cursor >> m_allow_save;
cursor >> m_use_cred; cursor >> m_use_cred;
cursor >> *m_cred; cursor >> *m_cred;
cursor >> m_last_status;
cursor >> m_last_msg;
} }

8
lib/EAPBase/src/Method.cpp
View File

@ -28,7 +28,7 @@ using namespace winstd;
// eap::method // eap::method
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
eap::method::method(_In_ module &module, _In_ config_method_with_cred &cfg, _In_ credentials &cred) : eap::method::method(_In_ module &module, _In_ config_method &cfg, _In_ credentials &cred) :
m_module(module), m_module(module),
m_cfg(cfg), m_cfg(cfg),
m_cred(cred) m_cred(cred)
@ -71,7 +71,7 @@ void eap::method::begin_session(
// Presume authentication will fail with generic protocol failure. (Pesimist!!!) // Presume authentication will fail with generic protocol failure. (Pesimist!!!)
// We will reset once we get get_result(Success) call. // We will reset once we get get_result(Success) call.
m_cfg.m_last_status = config_method_with_cred::status_auth_failed; m_cfg.m_last_status = config_method::status_auth_failed;
m_cfg.m_last_msg.clear(); m_cfg.m_last_msg.clear();
} }
@ -90,7 +90,7 @@ void eap::method::get_result(
switch (reason) { switch (reason) {
case EapPeerMethodResultSuccess: { case EapPeerMethodResultSuccess: {
m_module.log_event(&EAPMETHOD_METHOD_SUCCESS, event_data((unsigned int)m_cfg.get_method_id()), event_data::blank); m_module.log_event(&EAPMETHOD_METHOD_SUCCESS, event_data((unsigned int)m_cfg.get_method_id()), event_data::blank);
m_cfg.m_last_status = config_method_with_cred::status_success; m_cfg.m_last_status = config_method::status_success;
break; break;
} }
@ -113,7 +113,7 @@ void eap::method::get_result(
// eap::method_noneap // eap::method_noneap
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
eap::method_noneap::method_noneap(_In_ module &module, _In_ config_method_with_cred &cfg, _In_ credentials &cred) : method(module, cfg, cred) eap::method_noneap::method_noneap(_In_ module &module, _In_ config_method &cfg, _In_ credentials &cred) : method(module, cfg, cred)
{ {
} }

2
lib/EAPBase_UI/include/EAP_UI.h
View File

@ -436,7 +436,7 @@ public:
/// ///
/// Constructs a notice pannel and set the title text /// Constructs a notice pannel and set the title text
/// ///
wxEAPCredentialWarningPanel(const eap::config_provider &prov, eap::config_method_with_cred::status_t status, wxWindow* parent); wxEAPCredentialWarningPanel(const eap::config_provider &prov, eap::config_method::status_t status, wxWindow* parent);
}; };

10
lib/EAPBase_UI/src/EAP_UI.cpp
View File

@ -238,7 +238,7 @@ wxEAPProviderLockedPanel::wxEAPProviderLockedPanel(const eap::config_provider &p
// wxEAPCredentialWarningPanel // wxEAPCredentialWarningPanel
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
wxEAPCredentialWarningPanel::wxEAPCredentialWarningPanel(const eap::config_provider &prov, eap::config_method_with_cred::status_t status, wxWindow* parent) : wxEAPNotePanel(parent) wxEAPCredentialWarningPanel::wxEAPCredentialWarningPanel(const eap::config_provider &prov, eap::config_method::status_t status, wxWindow* parent) : wxEAPNotePanel(parent)
{ {
// Load and set icon. // Load and set icon.
winstd::library lib_shell32; winstd::library lib_shell32;
@ -246,10 +246,10 @@ wxEAPCredentialWarningPanel::wxEAPCredentialWarningPanel(const eap::config_provi
m_note_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(161))); m_note_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(161)));
m_note_label->SetLabel(( m_note_label->SetLabel((
status == eap::config_method_with_cred::status_cred_invalid ? _("Previous attempt to connect reported invalid credentials.") : status == eap::config_method::status_cred_invalid ? _("Previous attempt to connect reported invalid credentials.") :
status == eap::config_method_with_cred::status_cred_expired ? _("Previous attempt to connect reported your credentials expired.") : status == eap::config_method::status_cred_expired ? _("Previous attempt to connect reported your credentials expired.") :
status == eap::config_method_with_cred::status_cred_changing ? _("Previous attempt to connect reported your credentials are being changed.") : status == eap::config_method::status_cred_changing ? _("Previous attempt to connect reported your credentials are being changed.") :
_("Previous attempt to connect failed.")) + " " + _("Previous attempt to connect failed.")) + " " +
_("Please, make sure your credentials are correct, or try again later.")); _("Please, make sure your credentials are correct, or try again later."));
m_note_label->Wrap(449); m_note_label->Wrap(449);

14
lib/MSCHAPv2/src/Method.cpp
View File

@ -129,7 +129,7 @@ void eap::method_mschapv2::process_request_packet(
append_avp(25, 311, diameter_avp_flag_mandatory, response.data() , (unsigned int)response.size() ); append_avp(25, 311, diameter_avp_flag_mandatory, response.data() , (unsigned int)response.size() );
m_phase = phase_challenge_server; m_phase = phase_challenge_server;
m_cfg.m_last_status = config_method_with_cred::status_cred_invalid; // Blame credentials if we fail beyond this point. m_cfg.m_last_status = config_method::status_cred_invalid; // Blame credentials if we fail beyond this point.
break; break;
} }
@ -236,12 +236,12 @@ void eap::method_mschapv2::process_error(_In_ const list<string> &argv)
DWORD dwResult = strtoul(val.data() + 2, NULL, 10); DWORD dwResult = strtoul(val.data() + 2, NULL, 10);
m_module.log_event(&EAPMETHOD_METHOD_FAILURE_ERROR, event_data((unsigned int)eap_type_legacy_mschapv2), event_data(dwResult), event_data::blank); m_module.log_event(&EAPMETHOD_METHOD_FAILURE_ERROR, event_data((unsigned int)eap_type_legacy_mschapv2), event_data(dwResult), event_data::blank);
switch (dwResult) { switch (dwResult) {
case ERROR_ACCT_DISABLED : m_cfg.m_last_status = config_method_with_cred::status_account_disabled ; break; case ERROR_ACCT_DISABLED : m_cfg.m_last_status = config_method::status_account_disabled ; break;
case ERROR_RESTRICTED_LOGON_HOURS: m_cfg.m_last_status = config_method_with_cred::status_account_logon_hours; break; case ERROR_RESTRICTED_LOGON_HOURS: m_cfg.m_last_status = config_method::status_account_logon_hours; break;
case ERROR_NO_DIALIN_PERMISSION : m_cfg.m_last_status = config_method_with_cred::status_account_denied ; break; case ERROR_NO_DIALIN_PERMISSION : m_cfg.m_last_status = config_method::status_account_denied ; break;
case ERROR_PASSWD_EXPIRED : m_cfg.m_last_status = config_method_with_cred::status_cred_expired ; break; case ERROR_PASSWD_EXPIRED : m_cfg.m_last_status = config_method::status_cred_expired ; break;
case ERROR_CHANGING_PASSWORD : m_cfg.m_last_status = config_method_with_cred::status_cred_changing ; break; case ERROR_CHANGING_PASSWORD : m_cfg.m_last_status = config_method::status_cred_changing ; break;
default : m_cfg.m_last_status = config_method_with_cred::status_cred_invalid ; default : m_cfg.m_last_status = config_method::status_cred_invalid ;
} }
} else if ((val[0] == 'C' || val[0] == 'c') && val[1] == '=') { } else if ((val[0] == 'C' || val[0] == 'c') && val[1] == '=') {
hex_dec dec; hex_dec dec;

2
lib/PAP/include/Method.h
View File

@ -93,7 +93,7 @@ namespace eap
/// @} /// @}
protected: protected:
credentials_pass &m_cred; ///< Method user credentials credentials_pass &m_cred; ///< Method user credentials
enum { enum {
phase_unknown = -1, ///< Unknown phase phase_unknown = -1, ///< Unknown phase

2
lib/PAP/src/Method.cpp
View File

@ -98,7 +98,7 @@ void eap::method_pap::process_request_packet(
append_avp(2, diameter_avp_flag_mandatory, password_utf8.data(), (unsigned int)password_utf8.size()); append_avp(2, diameter_avp_flag_mandatory, password_utf8.data(), (unsigned int)password_utf8.size());
m_phase = phase_finished; m_phase = phase_finished;
m_cfg.m_last_status = config_method_with_cred::status_cred_invalid; // Blame credentials if we fail beyond this point. m_cfg.m_last_status = config_method::status_cred_invalid; // Blame credentials if we fail beyond this point.
break; break;
} }

6
lib/TLS/src/Method.cpp
View File

@ -443,7 +443,7 @@ void eap::method_tls::process_request_packet(
} else { } else {
m_session_resumed = false; m_session_resumed = false;
m_phase = phase_change_cipher_spec; m_phase = phase_change_cipher_spec;
m_cfg.m_last_status = config_method_with_cred::status_cred_invalid; // Blame credentials if we fail beyond this point. m_cfg.m_last_status = config_method::status_cred_invalid; // Blame credentials if we fail beyond this point.
} }
break; break;
} }
@ -1208,7 +1208,7 @@ void eap::method_tls::process_handshake()
process_application_data(m_sc_queue.data(), m_sc_queue.size()); process_application_data(m_sc_queue.data(), m_sc_queue.size());
} else { } else {
m_phase = phase_handshake_cont; m_phase = phase_handshake_cont;
m_cfg.m_last_status = config_method_with_cred::status_cred_invalid; // Blame credentials if we fail beyond this point. m_cfg.m_last_status = config_method::status_cred_invalid; // Blame credentials if we fail beyond this point.
} }
} else if (status == SEC_E_INCOMPLETE_MESSAGE) { } else if (status == SEC_E_INCOMPLETE_MESSAGE) {
// Schannel neeeds more data. Send ACK packet to server to send more. // Schannel neeeds more data. Send ACK packet to server to send more.
@ -1289,8 +1289,6 @@ void eap::method_tls::process_application_data(_In_bytecount_(size_msg) const vo
{ {
UNREFERENCED_PARAMETER(msg); UNREFERENCED_PARAMETER(msg);
UNREFERENCED_PARAMETER(size_msg); UNREFERENCED_PARAMETER(size_msg);
// TODO: Parse application data (Diameter AVP)
} }

4
lib/TTLS/src/Method.cpp
View File

@ -130,10 +130,10 @@ void eap::method_ttls::get_result(
if (result.fSaveConnectionData) if (result.fSaveConnectionData)
ppResult->fSaveConnectionData = TRUE; ppResult->fSaveConnectionData = TRUE;
if (m_inner->m_cfg.m_last_status != config_method_with_cred::status_success) { if (m_inner->m_cfg.m_last_status != config_method::status_success) {
// Inner method admitted problems, so autentication must have proceeded to inner authentication already. // Inner method admitted problems, so autentication must have proceeded to inner authentication already.
// Therefore, outer authentication must have been OK. // Therefore, outer authentication must have been OK.
m_cfg.m_last_status = config_method_with_cred::status_success; m_cfg.m_last_status = config_method::status_success;
} }
} }
} }

4
lib/TTLS/src/Module.cpp
View File

@ -416,13 +416,13 @@ const eap::config_method_ttls* eap::peer_ttls::combine_credentials(
// If we got here, we have all credentials we need. But, wait! // If we got here, we have all credentials we need. But, wait!
if ((dwFlags & EAP_FLAG_MACHINE_AUTH) == 0) { if ((dwFlags & EAP_FLAG_MACHINE_AUTH) == 0) {
if (config_method_with_cred::status_cred_begin <= cfg_method->m_last_status && cfg_method->m_last_status < config_method_with_cred::status_cred_end) { if (config_method::status_cred_begin <= cfg_method->m_last_status && cfg_method->m_last_status < config_method::status_cred_end) {
// Outer: Credentials failed on last connection attempt. // Outer: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM1, event_data(target_name), event_data((unsigned int)eap_type_tls), event_data::blank); log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM1, event_data(target_name), event_data((unsigned int)eap_type_tls), event_data::blank);
continue; continue;
} }
if (config_method_with_cred::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < config_method_with_cred::status_cred_end) { if (config_method::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < config_method::status_cred_end) {
// Inner: Credentials failed on last connection attempt. // Inner: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM1, event_data(target_name), event_data((unsigned int)cfg_method->m_inner->get_method_id()), event_data::blank); log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM1, event_data(target_name), event_data((unsigned int)cfg_method->m_inner->get_method_id()), event_data::blank);
continue; continue;

4
lib/TTLS_UI/src/TTLS_UI.cpp
View File

@ -40,7 +40,7 @@ wxTTLSCredentialsPanel::wxTTLSCredentialsPanel(const eap::config_provider &prov,
assert(m_cfg.m_inner); assert(m_cfg.m_inner);
if (eap::config_method_with_cred::status_cred_begin <= m_cfg.m_inner->m_last_status && m_cfg.m_inner->m_last_status < eap::config_method_with_cred::status_cred_end) if (eap::config_method::status_cred_begin <= m_cfg.m_inner->m_last_status && m_cfg.m_inner->m_last_status < eap::config_method::status_cred_end)
sb_content->Add(new wxEAPCredentialWarningPanel(m_prov, m_cfg.m_inner->m_last_status, this), 0, wxALL|wxEXPAND, 5); sb_content->Add(new wxEAPCredentialWarningPanel(m_prov, m_cfg.m_inner->m_last_status, this), 0, wxALL|wxEXPAND, 5);
const eap::config_method_pap *cfg_inner_pap; const eap::config_method_pap *cfg_inner_pap;
@ -63,7 +63,7 @@ wxTTLSCredentialsPanel::wxTTLSCredentialsPanel(const eap::config_provider &prov,
m_outer_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INACTIVECAPTION ) ); m_outer_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INACTIVECAPTION ) );
sb_content->Add(m_outer_title, 0, wxALL|wxALIGN_RIGHT, 5); sb_content->Add(m_outer_title, 0, wxALL|wxALIGN_RIGHT, 5);
if (eap::config_method_with_cred::status_cred_begin <= m_cfg.m_last_status && m_cfg.m_last_status < eap::config_method_with_cred::status_cred_end) if (eap::config_method::status_cred_begin <= m_cfg.m_last_status && m_cfg.m_last_status < eap::config_method::status_cred_end)
sb_content->Add(new wxEAPCredentialWarningPanel(m_prov, m_cfg.m_last_status, this), 0, wxALL|wxEXPAND, 5); sb_content->Add(new wxEAPCredentialWarningPanel(m_prov, m_cfg.m_last_status, this), 0, wxALL|wxEXPAND, 5);
m_outer_cred = new wxTLSCredentialsPanel(m_prov, m_cfg, cred, this, is_config); m_outer_cred = new wxTLSCredentialsPanel(m_prov, m_cfg, cred, this, is_config);