Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

EAP BLOBs are encrypted now

Browse Source
This commit is contained in:
Simon Rozman
2016-06-22 09:18:27 +02:00
parent a2ca2fd850
commit bdd3fc616c
11 changed files with 370 additions and 435 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
EAPMethods/src/Main.cpp
View File

@@ -236,18 +236,12 @@ DWORD APIENTRY EapPeerGetIdentity(
else if (!ppwszIdentity)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppwszIdentity is NULL.")));
else {
if (!g_peer.get_identity(
dwFlags,
dwConnectionDataSize,
pConnectionData,
dwUserDataSize,
pUserData,
hTokenImpersonateUser,
pfInvokeUI,
pdwUserDataOutSize,
ppUserDataOut,
ppwszIdentity,
ppEapError))
_EAPMETHOD_PEER::config_type cfg(g_peer);
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!g_peer.unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.get_identity(dwFlags, cfg, usr, hTokenImpersonateUser, pfInvokeUI, ppwszIdentity, ppEapError) ||
!g_peer.pack(usr, ppUserDataOut, pdwUserDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
@@ -307,7 +301,10 @@ DWORD APIENTRY EapPeerBeginSession(
}
// Begin the session.
if (!session->begin(dwFlags, pAttributeArray, hTokenImpersonateUser, dwConnectionDataSize, pConnectionData, dwUserDataSize, pUserData, dwMaxSendPacketSize, ppEapError)) {
if (!g_peer.unpack(session->m_cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(session->m_id, pUserData, dwUserDataSize, ppEapError) ||
!session->begin(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
@@ -508,7 +505,10 @@ DWORD APIENTRY EapPeerGetUIContext(
else if (!ppUIContextData)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUIContextData is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(pdwUIContextDataSize, ppUIContextData, ppEapError)) {
_EAPMETHOD_SESSION::interactive_request_type req;
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(req, ppEapError) ||
!g_peer.pack(req, ppUIContextData, pdwUIContextDataSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
@@ -554,7 +554,10 @@ DWORD APIENTRY EapPeerSetUIContext(
else if (!pEapOutput)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapOutput is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(dwUIContextDataSize, pUIContextData, pEapOutput, ppEapError)) {
_EAPMETHOD_SESSION::interactive_response_type res;
if (!g_peer.unpack(res, pUIContextData, dwUIContextDataSize, ppEapError) ||
!static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(res, pEapOutput, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
@@ -681,16 +684,18 @@ DWORD WINAPI EapPeerGetMethodProperties(
else if (!pMethodPropertyArray)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pMethodPropertyArray is NULL.")));
else {
if (!g_peer.get_method_properties(
dwVersion,
dwFlags,
hUserImpersonationToken,
dwEapConnDataSize,
pEapConnData,
dwUserDataSize,
pUserData,
pMethodPropertyArray,
ppEapError))
_EAPMETHOD_PEER::config_type cfg(g_peer);
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!g_peer.unpack(cfg, pEapConnData, dwEapConnDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.get_method_properties(
dwVersion,
dwFlags,
hUserImpersonationToken,
cfg,
usr,
pMethodPropertyArray,
ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
@@ -757,29 +762,16 @@ DWORD WINAPI EapPeerCredentialsXml2Blob(
// Load credentials.
pCredentialsDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER::identity_type cred(g_peer);
if (!cred.load(pXmlElCredentials, ppEapError)) {
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!usr.load(pXmlElCredentials, ppEapError) ||
!g_peer.pack(usr, ppCredentialsOut, pdwCredentialsOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for credentials.
assert(ppCredentialsOut);
assert(pdwCredentialsOutSize);
*pdwCredentialsOutSize = (DWORD)eapserial::get_pk_size(cred);
*ppCredentialsOut = g_peer.alloc_memory(*pdwCredentialsOutSize);
if (!*ppCredentialsOut) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwCredentialsOutSize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppCredentialsOut;
eapserial::pack(cursor, cred);
assert(cursor - *ppCredentialsOut <= (ptrdiff_t)*pdwCredentialsOutSize);
}
return dwResult;

118
EAPMethods/src/Main_UI.cpp
View File

@@ -143,28 +143,15 @@ DWORD WINAPI EapPeerConfigXml2Blob(
// Load configuration.
pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (!cfg.load(pXmlElConfig, ppEapError)) {
if (!cfg.load(pXmlElConfig, ppEapError) ||
!g_peer.pack(cfg, ppConfigOut, pdwConfigOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for configuration.
assert(ppConfigOut);
assert(pdwConfigOutSize);
*pdwConfigOutSize = (DWORD)eapserial::get_pk_size(cfg);
*ppConfigOut = g_peer.alloc_memory(*pdwConfigOutSize);
if (!*ppConfigOut) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwConfigOutSize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppConfigOut;
eapserial::pack(cursor, cfg);
assert(cursor - *ppConfigOut <= (ptrdiff_t)*pdwConfigOutSize);
}
return dwResult;
@@ -212,10 +199,12 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConfigIn || !dwConfigInSize) {
const unsigned char *cursor = pConfigIn;
eapserial::unpack(cursor, cfg);
assert(cursor - pConfigIn <= (ptrdiff_t)dwConfigInSize);
if (!g_peer.unpack(cfg, pConfigIn, dwConfigInSize, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Create configuration XML document.
@@ -305,36 +294,17 @@ DWORD WINAPI EapPeerInvokeConfigUI(
else if (!ppConnectionDataOut)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppConnectionDataOut is NULL.")));
else {
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConnectionDataIn || !dwConnectionDataInSize) {
const unsigned char *cursor = pConnectionDataIn;
eapserial::unpack(cursor, cfg);
assert(cursor - pConnectionDataIn <= (ptrdiff_t)dwConnectionDataInSize);
}
if (!g_peer.invoke_config_ui(hwndParent, cfg, ppEapError)) {
if (!g_peer.unpack(cfg, pConnectionDataIn, dwConnectionDataInSize, ppEapError) ||
!g_peer.invoke_config_ui(hwndParent, cfg, ppEapError) ||
!g_peer.pack(cfg, ppConnectionDataOut, pdwConnectionDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for configuration.
assert(ppConnectionDataOut);
assert(pdwConnectionDataOutSize);
*pdwConnectionDataOutSize = (DWORD)eapserial::get_pk_size(cfg);
*ppConnectionDataOut = g_peer.alloc_memory(*pdwConnectionDataOutSize);
if (!*ppConnectionDataOut) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwConnectionDataOutSize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppConnectionDataOut;
eapserial::pack(cursor, cfg);
assert(cursor - *ppConnectionDataOut <= (ptrdiff_t)*pdwConnectionDataOutSize);
}
return dwResult;
@@ -389,44 +359,19 @@ DWORD WINAPI EapPeerInvokeIdentityUI(
else if (!ppwszIdentity)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppwszIdentity is NULL.")));
else {
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConnectionData || !dwConnectionDataSize) {
const unsigned char *cursor = pConnectionData;
eapserial::unpack(cursor, cfg);
assert(cursor - pConnectionData <= (ptrdiff_t)dwConnectionDataSize);
}
// Unpack configuration.
_EAPMETHOD_PEER_UI::identity_type usr(g_peer);
if (pUserData || !dwUserDataSize) {
const unsigned char *cursor = pUserData;
eapserial::unpack(cursor, usr);
assert(cursor - pUserData <= (ptrdiff_t)dwUserDataSize);
}
if (!g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, usr, ppwszIdentity, ppEapError)) {
if (!g_peer.unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, usr, ppwszIdentity, ppEapError) ||
!g_peer.pack(usr, ppUserDataOut, pdwUserDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for user data.
assert(ppUserDataOut);
assert(pdwUserDataOutSize);
*pdwUserDataOutSize = (DWORD)eapserial::get_pk_size(usr);
*ppUserDataOut = g_peer.alloc_memory(*pdwUserDataOutSize);
if (!*ppUserDataOut) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwUserDataOutSize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppUserDataOut;
eapserial::pack(cursor, usr);
assert(cursor - *ppUserDataOut <= (ptrdiff_t)*pdwUserDataOutSize);
}
return dwResult;
@@ -473,37 +418,18 @@ DWORD WINAPI EapPeerInvokeInteractiveUI(
else if (!ppDataFromInteractiveUI)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppDataFromInteractiveUI is NULL.")));
else {
// Unpack request.
_EAPMETHOD_PEER_UI::interactive_request_type req;
if (pUIContextData || !dwUIContextDataSize) {
const unsigned char *cursor = pUIContextData;
eapserial::unpack(cursor, req);
assert(cursor - pUIContextData <= (ptrdiff_t)dwUIContextDataSize);
}
_EAPMETHOD_PEER_UI::interactive_response_type res;
if (!g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError)) {
if (!g_peer.unpack(req, pUIContextData, dwUIContextDataSize, ppEapError) ||
!g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError) ||
!g_peer.pack(res, ppDataFromInteractiveUI, pdwDataFromInteractiveUISize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Allocate BLOB for user data.
assert(ppDataFromInteractiveUI);
assert(pdwDataFromInteractiveUISize);
*pdwDataFromInteractiveUISize = (DWORD)eapserial::get_pk_size(res);
*ppDataFromInteractiveUI = g_peer.alloc_memory(*pdwDataFromInteractiveUISize);
if (!*ppDataFromInteractiveUI) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for interactive response (%uB)."), *pdwDataFromInteractiveUISize).c_str()));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppDataFromInteractiveUI;
eapserial::pack(cursor, res);
assert(cursor - *ppDataFromInteractiveUI <= (ptrdiff_t)*pdwDataFromInteractiveUISize);
}
return dwResult;