diff --git a/lib/EAPBase/include/Module.h b/lib/EAPBase/include/Module.h
index c5ba7c4..5378cd4 100644
--- a/lib/EAPBase/include/Module.h
+++ b/lib/EAPBase/include/Module.h
@@ -159,7 +159,7 @@ namespace eap
 /// Logs string list config value
 ///
 template
- inline void log_config(_In_z_ LPCWSTR name, _In_z_ const std::list, _Ax_list> &value) const
+ inline void log_config(_In_z_ LPCWSTR name, _In_ const std::list, _Ax_list> &value) const
 {
 // Prepare a table of event data descriptors.
 std::vector desc;
@@ -177,7 +177,7 @@ namespace eap
 /// Logs Unicode string list config value
 ///
 template
- inline void log_config(_In_z_ LPCWSTR name, _In_z_ const std::list, _Ax_list> &value) const
+ inline void log_config(_In_z_ LPCWSTR name, _In_ const std::list, _Ax_list> &value) const
 {
 // Prepare a table of event data descriptors.
 std::vector desc;
@@ -204,6 +204,48 @@ namespace eap
 m_ep.write(&EAPMETHOD_TRACE_EVT_CFG_VALUE_BOOL, _countof(desc), desc);
 }
+ ///
+ /// Logs binary config value
+ ///
+ inline void log_config(_In_z_ LPCWSTR name, _In_bytecount_(size) const void *data, _In_ ULONG size) const
+ {
+ EVENT_DATA_DESCRIPTOR desc[] = {
+ winstd::event_data( name),
+ winstd::event_data( size),
+ winstd::event_data(data, size)
+ };
+
+ m_ep.write(&EAPMETHOD_TRACE_EVT_CFG_VALUE_BINARY, _countof(desc), desc);
+ }
+
+ ///
+ /// Discretely logs Unicode string config value
+ ///
+ /// If \c _DEBUG is set the value is masked.
+ ///
+ inline void log_config_discrete(_In_z_ LPCWSTR name, _In_z_ LPCWSTR value) const
+ {
+#ifdef _DEBUG
+ log_config(name, value);
+#else
+ log_config(name, value ? value[0] ? L"********" : L"" : NULL);
+#endif
+ }
+
+ ///
+ /// Discretely logs binary config value
+ ///
+ /// If \c _DEBUG is set the value is masked.
+ ///
+ inline void log_config_discrete(_In_z_ LPCWSTR name, _In_bytecount_(size) const void *data, _In_ ULONG size) const
+ {
+#ifdef _DEBUG
+ log_config(name, data, size);
+#else
+ log_config(name, data ? size ? L"********" : L"" : NULL);
+#endif
+ }
+
+ ///
 /// Logs event
 ///
diff --git a/lib/EAPBase/src/Credentials.cpp b/lib/EAPBase/src/Credentials.cpp
index 88acfd3..d98d7bd 100644
--- a/lib/EAPBase/src/Credentials.cpp
+++ b/lib/EAPBase/src/Credentials.cpp
@@ -319,13 +319,7 @@ void eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot)
 SecureZeroMemory((BSTR)password, sizeof(OLECHAR)*password.length());
 }
- m_module.log_config((xpath + L"/Password").c_str(),
-#ifdef _DEBUG
- m_password.c_str()
-#else
- L"********"
-#endif
- );
+ m_module.log_config_discrete((xpath + L"/Password").c_str(), m_password.c_str());
 }
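Review bot: The doc comments on both `log_config_discrete` overloads in Module.h say the opposite of the code: with `_DEBUG` defined the value goes to `log_config` in clear, and only the `#else` branch masks it, so the line should read something like `/// The value is logged in clear only when \c _DEBUG is defined; otherwise a fixed mask is logged.` Anyone relying on the current wording could run a debug build against real credentials expecting them to stay out of the trace. The release branches also forward `NULL` to the string `log_config` overload and test `value`/`data` for NULL while annotating them `_In_z_` and `_In_bytecount_(size)`; `_In_opt_z_` and `_In_opt_bytecount_(size)` would match what the code accepts, and whether `winstd::event_data` tolerates a null string is not visible in this diff. The release branch additionally distinguishes an empty secret (`L""`) from a set one, which the `credentials_pass::load` and `credentials_pass::retrieve` call sites did not do when they logged `L"********"` unconditionally.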
@@ -420,13 +414,7 @@ void eap::credentials_pass::retrieve(_In_z_ LPCTSTR pszTargetName, _In_ unsigned
 wstring xpath(pszTargetName);
 m_module.log_config((xpath + L"/Identity").c_str(), m_identity.c_str());
- m_module.log_config((xpath + L"/Password").c_str(),
-#ifdef _DEBUG
- m_password.c_str()
-#else
- L"********"
-#endif
- );
+ m_module.log_config_discrete((xpath + L"/Password").c_str(), m_password.c_str());
 }
diff --git a/lib/EapHost/src/Credentials.cpp b/lib/EapHost/src/Credentials.cpp
index 6033666..636e37f 100644
--- a/lib/EapHost/src/Credentials.cpp
+++ b/lib/EapHost/src/Credentials.cpp
@@ -118,8 +118,7 @@ void eap::credentials_eaphost::load(_In_ IXMLDOMNode *pConfigRoot)
 if (FAILED(hr = eapxml::get_element_base64(pConfigRoot, bstr(L"eap-metadata:Credentials"), m_cred_blob)))
 throw com_runtime_error(hr, __FUNCTION__ " Error reading element.");
- // TODO: Finish log output!
- //m_module.log_config((xpath + L"/Credentials").c_str(), get_name().c_str());
+ m_module.log_config_discrete((xpath + L"/Credentials").c_str(), m_cred_blob.data(), (ULONG)m_cred_blob.size());
 }
diff --git a/lib/EapHost/src/StdAfx.h b/lib/EapHost/src/StdAfx.h
index 4e421e0..25689c4 100644
--- a/lib/EapHost/src/StdAfx.h
+++ b/lib/EapHost/src/StdAfx.h
@@ -24,6 +24,7 @@
 #include "../include/Credentials.h"
 #include "../include/Method.h"
+#include
 #include
 #include
diff --git a/lib/Events/res/EventsETW.man b/lib/Events/res/EventsETW.man
index dc3ae15..3f5fc8b 100644
Binary files a/lib/Events/res/EventsETW.man and b/lib/Events/res/EventsETW.man differ
diff --git a/lib/TLS/src/Credentials.cpp b/lib/TLS/src/Credentials.cpp
index b5317bd..47b1ab1 100644
--- a/lib/TLS/src/Credentials.cpp
+++ b/lib/TLS/src/Credentials.cpp
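Review bot: In `credentials_eaphost::load` a `_DEBUG` build now copies all of `m_cred_blob` into the trace event, so the raw EapHost credential blob ends up in any session or log file that collects this provider; logging only the blob length, or a digest of it, would keep the diagnostic value without storing the credential. ETW limits the size of a single event, so a large blob may also make the write fail, and whether `m_ep.write` reports that is not visible here. The line this replaces was commented out, so it is worth confirming that `xpath` is actually declared in this function, whose body starts outside the hunk.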
@@ -140,7 +140,11 @@ void eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot)
 m_cert.create(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, aData.data(), (DWORD)aData.size());
 }
 }
- m_module.log_config((xpath + L"/ClientCertificate").c_str(), get_name().c_str());
+
+ if (m_cert)
+ m_module.log_config_discrete((xpath + L"/ClientCertificate").c_str(), m_cert->pbCertEncoded, m_cert->cbCertEncoded);
+ else
+ m_module.log_config_discrete((xpath + L"/ClientCertificate").c_str(), NULL, 0);
 }
@@ -234,7 +238,10 @@ void eap::credentials_tls::retrieve(_In_z_ LPCTSTR pszTargetName, _In_ unsigned
 wstring xpath(pszTargetName);
 m_module.log_config((xpath + L"/Identity").c_str(), m_identity.c_str());
- m_module.log_config((xpath + L"/Certificate").c_str(), get_name().c_str());
+ if (m_cert)
+ m_module.log_config_discrete((xpath + L"/Certificate").c_str(), m_cert->pbCertEncoded, m_cert->cbCertEncoded);
+ else
+ m_module.log_config_discrete((xpath + L"/Certificate").c_str(), NULL, 0);
 }
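Review bot: Release builds no longer record which client certificate was chosen in `credentials_tls::load` or `credentials_tls::retrieve`: the removed calls logged `get_name()`, while `log_config_discrete` writes only the mask unless `_DEBUG` is defined. `pbCertEncoded` holds the encoded certificate rather than the private key, and `retrieve` still logs `/Identity` in clear on the line above, so the masking hides little but makes a trace much harder to use when diagnosing a wrong-certificate failure. Consider keeping a readable identifier next to the masked value, e.g. `m_module.log_config((xpath + L"/Certificate").c_str(), get_name().c_str());` (what `get_name()` returns is not visible here). The `if`/`else` pairs in both hunks differ only in their last two arguments and could be a single call passing `m_cert ? m_cert->pbCertEncoded : NULL` and `m_cert ? m_cert->cbCertEncoded : 0`; both function bodies start outside the hunks.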