Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Support for read-only configurations added

Browse Source
This commit is contained in:
Simon Rozman
2016-06-20 14:51:21 +02:00
parent 2f0948b4fd
commit e52b9a636f
28 changed files with 998 additions and 615 deletions
Download Patch File Download Diff File Expand all files Collapse all files

252
lib/TLS_UI/include/TLS_UI.h
View File

@@ -24,9 +24,16 @@
#include <WinStd/Common.h>
#include <wx/filedlg.h>
#include <wx/msgdlg.h>
#include <cryptuiapi.h>
#include <Windows.h>
#include <WinCrypt.h> // Must include after <Windows.h>
#include <list>
#include <string>
///
/// Helper class for auto-destroyable certificates used in wxWidget's item containers
@@ -56,17 +63,17 @@ class wxEAPTLSCredentialsPanel;
///
/// EAPTLS server trust configuration panel
///
class wxEAPTLSServerTrustPanel;
template <class _Tprov> class wxEAPTLSServerTrustPanel;
///
/// TLS credentials configuration panel
///
typedef wxEAPCredentialsConfigPanel<eap::config_tls, eap::credentials_tls, wxEAPTLSCredentialsPanel> wxEAPTLSCredentialsConfigPanel;
template <class _Tprov> class wxEAPTLSCredentialsConfigPanel;
///
/// EAPTLS configuration panel
///
class wxEAPTLSConfigPanel;
template <class _Tprov> class wxEAPTLSConfigPanel;
namespace eap
{
@@ -249,7 +256,7 @@ protected:
};
class wxEAPTLSCredentialsPanel : public wxCredentialsPanel<wxEAPTLSCredentialsPanelBase, eap::credentials_tls>
class wxEAPTLSCredentialsPanel : public wxCredentialsPanel<eap::credentials_tls, wxEAPTLSCredentialsPanelBase>
{
public:
///
@@ -270,23 +277,150 @@ protected:
};
template <class _Tprov>
class wxEAPTLSServerTrustPanel : public wxEAPTLSServerTrustConfigPanelBase
{
public:
///
/// Constructs a configuration panel
///
wxEAPTLSServerTrustPanel(eap::config_tls &cfg, wxWindow* parent);
wxEAPTLSServerTrustPanel(_Tprov &prov, eap::config_tls &cfg, wxWindow* parent) :
m_prov(prov),
m_cfg(cfg),
wxEAPTLSServerTrustConfigPanelBase(parent)
{
// Load and set icon.
if (m_certmgr.load(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_server_trust_icon, m_icon, m_certmgr, MAKEINTRESOURCE(218));
// Do not use cfg.m_server_names directly, so we can decide not to store the value in case of provider-locked configuration.
// Never rely on control disabled state alone, as they can be enabled using external tool like Spy++.
m_server_names->SetValidator(wxFQDNListValidator(&m_server_names_val));
}
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
virtual void OnRootCA(wxCommandEvent& event);
virtual void OnRootCADClick(wxCommandEvent& event);
virtual void OnRootCAAddStore(wxCommandEvent& event);
virtual void OnRootCAAddFile(wxCommandEvent& event);
virtual void OnRootCARemove(wxCommandEvent& event);
virtual bool TransferDataToWindow()
{
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_root_ca_add_store->Enable(false);
m_root_ca_add_file ->Enable(false);
m_root_ca_remove ->Enable(false);
m_server_names ->Enable(false);
}
// Populate trusted CA list.
for (std::list<winstd::cert_context>::const_iterator cert = m_cfg.m_trusted_root_ca.cbegin(), cert_end = m_cfg.m_trusted_root_ca.cend(); cert != cert_end; ++cert) {
winstd::tstring name;
if (CertGetNameString(*cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name) > 0)
m_root_ca->Append(wxString(name), new wxCertificateClientData(cert->duplicate()));
}
// Set server acceptable names. The edit control will get populated by validator.
m_server_names_val = m_cfg.m_server_names;
return wxEAPTLSServerTrustConfigPanelBase::TransferDataToWindow();
}
virtual bool TransferDataFromWindow()
{
wxCHECK(wxEAPTLSServerTrustConfigPanelBase::TransferDataFromWindow(), false);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Save the data.
// Parse trusted CA list.
m_cfg.m_trusted_root_ca.clear();
for (unsigned int i = 0, i_end = m_root_ca->GetCount(); i < i_end; i++) {
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(m_root_ca->GetClientObject(i));
if (cert)
m_cfg.add_trusted_ca(cert->m_cert->dwCertEncodingType, cert->m_cert->pbCertEncoded, cert->m_cert->cbCertEncoded);
}
// Save acceptable server names.
m_cfg.m_server_names = m_server_names_val;
}
return true;
}
virtual void OnUpdateUI(wxUpdateUIEvent& event)
{
UNREFERENCED_PARAMETER(event);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Selectively enable/disable controls.
wxArrayInt selections;
m_root_ca_remove->Enable(m_root_ca->GetSelections(selections) ? true : false);
}
}
virtual void OnRootCADClick(wxCommandEvent& event)
{
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(event.GetClientObject());
if (cert)
CryptUIDlgViewContext(CERT_STORE_CERTIFICATE_CONTEXT, cert->m_cert, this->GetHWND(), NULL, 0, NULL);
}
virtual void OnRootCAAddStore(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
winstd::cert_store store;
if (store.create(NULL, _T("ROOT"))) {
winstd::cert_context cert;
cert.attach(CryptUIDlgSelectCertificateFromStore(store, this->GetHWND(), NULL, NULL, 0, 0, NULL));
if (cert)
AddRootCA(cert);
}
}
virtual void OnRootCAAddFile(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
const wxString separator(wxT("|"));
wxFileDialog open_dialog(this, _("Add Certificate"), wxEmptyString, wxEmptyString,
_("Certificate Files (*.cer;*.crt;*.der;*.p7b;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.p7b;*.pem") + separator +
_("X.509 Certificate Files (*.cer;*.crt;*.der;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.pem") + separator +
_("PKCS #7 Certificate Files (*.p7b)") + separator + wxT("*.p7b") + separator +
_("All Files (*.*)") + separator + wxT("*.*"),
wxFD_OPEN|wxFD_FILE_MUST_EXIST|wxFD_MULTIPLE);
if (open_dialog.ShowModal() == wxID_CANCEL) {
event.Skip();
return;
}
wxArrayString paths;
open_dialog.GetPaths(paths);
for (size_t i = 0, i_end = paths.GetCount(); i < i_end; i++) {
// Load certificate(s) from file.
winstd::cert_store cs;
if (cs.create(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, (LPCTSTR)(paths[i]))) {
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(cs, cert)) != NULL;)
AddRootCA(cert);
} else
wxMessageBox(wxString::Format(_("Invalid or unsupported certificate file %s"), paths[i]), _("Error"), wxOK | wxICON_EXCLAMATION, this);
}
}
virtual void OnRootCARemove(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
wxArrayInt selections;
for (int i = m_root_ca->GetSelections(selections); i--; )
m_root_ca->Delete(selections[i]);
}
/// \endcond
///
@@ -298,34 +432,110 @@ protected:
/// - \c true if certificate was added;
/// - \c false if duplicate found or an error occured.
///
bool AddRootCA(PCCERT_CONTEXT cert);
bool AddRootCA(PCCERT_CONTEXT cert)
{
for (unsigned int i = 0, i_end = m_root_ca->GetCount(); i < i_end; i++) {
wxCertificateClientData *c = dynamic_cast<wxCertificateClientData*>(m_root_ca->GetClientObject(i));
if (c && c->m_cert &&
c->m_cert->cbCertEncoded == cert->cbCertEncoded &&
memcmp(c->m_cert->pbCertEncoded, cert->pbCertEncoded, cert->cbCertEncoded) == 0)
{
// This certificate is already on the list.
m_root_ca->SetSelection(i);
return false;
}
}
// Add certificate to the list.
winstd::tstring name;
if (CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name) > 0) {
int i = m_root_ca->Append(wxString(name), new wxCertificateClientData(CertDuplicateCertificateContext(cert)));
if (0 <= i) {
m_root_ca->SetSelection(i);
}
return true;
}
return false;
}
protected:
eap::config_tls &m_cfg; ///< TLS configuration
winstd::library m_certmgr; ///< certmgr.dll resource library reference
wxIcon m_icon; ///< Panel icon
_Tprov &m_prov; ///< EAP provider
eap::config_tls &m_cfg; ///< TLS configuration
winstd::library m_certmgr; ///< certmgr.dll resource library reference
wxIcon m_icon; ///< Panel icon
std::list<std::string> m_server_names_val; ///< Acceptable authenticating server names
};
template <class _Tprov>
class wxEAPTLSCredentialsConfigPanel : public wxEAPCredentialsConfigPanel<_Tprov, eap::config_tls, wxEAPTLSCredentialsPanel>
{
public:
///
/// Constructs a credential configuration panel
///
/// \param[inout] prov Provider configuration data
/// \param[inout] cfg Configuration data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window
///
wxEAPTLSCredentialsConfigPanel(_Tprov &prov, eap::config_tls &cfg, LPCTSTR pszCredTarget, wxWindow *parent) :
wxEAPCredentialsConfigPanel<_Tprov, eap::config_tls, wxEAPTLSCredentialsPanel>(prov, cfg, pszCredTarget, parent)
{
}
};
template <class _Tprov>
class wxEAPTLSConfigPanel : public wxPanel
{
public:
///
/// Constructs a configuration panel
///
wxEAPTLSConfigPanel(eap::config_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
wxEAPTLSConfigPanel(_Tprov &prov, eap::config_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent) : wxPanel(parent)
{
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
m_server_trust = new wxEAPTLSServerTrustPanel<_Tprov>(prov, cfg, this);
sb_content->Add(m_server_trust, 0, wxDOWN|wxEXPAND, 5);
m_credentials = new wxEAPTLSCredentialsConfigPanel<_Tprov>(prov, cfg, pszCredTarget, this);
sb_content->Add(m_credentials, 0, wxUP|wxEXPAND, 5);
this->SetSizer(sb_content);
this->Layout();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTLSConfigPanel::OnInitDialog));
}
///
/// Destructs the configuration panel
///
virtual ~wxEAPTLSConfigPanel();
virtual ~wxEAPTLSConfigPanel()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTLSConfigPanel::OnInitDialog));
}
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
virtual void OnInitDialog(wxInitDialogEvent& event)
{
// Forward the event to child panels.
m_server_trust->GetEventHandler()->ProcessEvent(event);
if (m_credentials)
m_credentials->GetEventHandler()->ProcessEvent(event);
}
/// \endcond
protected:
wxEAPTLSServerTrustPanel *m_server_trust; ///< Server trust configuration panel
wxEAPTLSCredentialsConfigPanel *m_credentials; ///< Credentials configuration panel
wxEAPTLSServerTrustPanel<_Tprov> *m_server_trust; ///< Server trust configuration panel
wxEAPTLSCredentialsConfigPanel<_Tprov> *m_credentials; ///< Credentials configuration panel
};

4
lib/TLS_UI/res/wxTLS_UI.cpp
View File

@@ -96,7 +96,7 @@ wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow
this->Layout();
// Connect Events
m_root_ca->Connect( wxEVT_COMMAND_LISTBOX_SELECTED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCA ), NULL, this );
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) );
m_root_ca->Connect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this );
m_root_ca_add_store->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this );
m_root_ca_add_file->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this );
@@ -106,7 +106,7 @@ wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow
wxEAPTLSServerTrustConfigPanelBase::~wxEAPTLSServerTrustConfigPanelBase()
{
// Disconnect Events
m_root_ca->Disconnect( wxEVT_COMMAND_LISTBOX_SELECTED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCA ), NULL, this );
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) );
m_root_ca->Disconnect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this );
m_root_ca_add_store->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this );
m_root_ca_add_file->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this );

4
lib/TLS_UI/res/wxTLS_UI.fbp
View File

@@ -77,7 +77,7 @@
<event name="OnRightUp"></event>
<event name="OnSetFocus"></event>
<event name="OnSize"></event>
<event name="OnUpdateUI"></event>
<event name="OnUpdateUI">OnUpdateUI</event>
<object class="wxStaticBoxSizer" expanded="1">
<property name="id">wxID_ANY</property>
<property name="label">Server Trust</property>
@@ -431,7 +431,7 @@
<event name="OnLeftDClick"></event>
<event name="OnLeftDown"></event>
<event name="OnLeftUp"></event>
<event name="OnListBox">OnRootCA</event>
<event name="OnListBox"></event>
<event name="OnListBoxDClick">OnRootCADClick</event>
<event name="OnMiddleDClick"></event>
<event name="OnMiddleDown"></event>

2
lib/TLS_UI/res/wxTLS_UI.h
View File

@@ -53,7 +53,7 @@ class wxEAPTLSServerTrustConfigPanelBase : public wxPanel
wxStaticText* m_server_names_note;
// Virtual event handlers, overide them in your derived class
virtual void OnRootCA( wxCommandEvent& event ) { event.Skip(); }
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
virtual void OnRootCADClick( wxCommandEvent& event ) { event.Skip(); }
virtual void OnRootCAAddStore( wxCommandEvent& event ) { event.Skip(); }
virtual void OnRootCAAddFile( wxCommandEvent& event ) { event.Skip(); }

5
lib/TLS_UI/src/StdAfx.h
View File

@@ -25,8 +25,3 @@
#include "../../../include/Version.h"
#include "../include/TLS_UI.h"
#include <wx/filedlg.h>
#include <wx/msgdlg.h>
#include <cryptuiapi.h>

199
lib/TLS_UI/src/TLS_UI.cpp
View File

@@ -332,7 +332,7 @@ bool wxFQDNListValidator::Parse(const wxString &val_in, size_t i_start, size_t i
// Skip trailing white-space.
for (; i < i_end && _istspace(buf[i_end - 1]); i_end--);
if (wxHostNameValidator::Parse(val_in, i, i_end, ctrl, parent, fqdn)) {
if (wxFQDNValidator::Parse(val_in, i, i_end, ctrl, parent, fqdn)) {
// The rest of the FQDN list parsed succesfully.
if (fqdn && !fqdn->empty()) _val_out.push_back(std::move(*fqdn));
if (val_out) *val_out = std::move(_val_out);
@@ -349,7 +349,7 @@ bool wxFQDNListValidator::Parse(const wxString &val_in, size_t i_start, size_t i
//////////////////////////////////////////////////////////////////////
wxEAPTLSCredentialsPanel::wxEAPTLSCredentialsPanel(eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config) :
wxCredentialsPanel<wxEAPTLSCredentialsPanelBase, eap::credentials_tls>(cred, pszCredTarget, parent, is_config)
wxCredentialsPanel<eap::credentials_tls, wxEAPTLSCredentialsPanelBase>(cred, pszCredTarget, parent, is_config)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
@@ -359,8 +359,6 @@ wxEAPTLSCredentialsPanel::wxEAPTLSCredentialsPanel(eap::credentials_tls &cred, L
bool wxEAPTLSCredentialsPanel::TransferDataToWindow()
{
wxCHECK(__super::TransferDataToWindow(), false);
// Populate certificate list.
bool is_found = false;
winstd::cert_store store;
@@ -400,7 +398,7 @@ bool wxEAPTLSCredentialsPanel::TransferDataToWindow()
m_cert_select_val->SetSelection(0);
}
return true;
return __super::TransferDataToWindow();
}
@@ -419,6 +417,8 @@ bool wxEAPTLSCredentialsPanel::TransferDataFromWindow()
m_cred.clear();
}
// Inherited TransferDataFromWindow() calls m_cred.store().
// Therefore, call it only now, that m_cred is set.
return __super::TransferDataFromWindow();
}
@@ -428,192 +428,3 @@ void wxEAPTLSCredentialsPanel::OnCertSelect(wxCommandEvent& event)
UNREFERENCED_PARAMETER(event);
m_cert_select_val->Enable(m_cert_select->GetValue());
}
//////////////////////////////////////////////////////////////////////
// wxEAPTLSServerTrustPanel
//////////////////////////////////////////////////////////////////////
wxEAPTLSServerTrustPanel::wxEAPTLSServerTrustPanel(eap::config_tls &cfg, wxWindow* parent) :
m_cfg(cfg),
wxEAPTLSServerTrustConfigPanelBase(parent)
{
// Load and set icon.
if (m_certmgr.load(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_server_trust_icon, m_icon, m_certmgr, MAKEINTRESOURCE(218));
m_server_names->SetValidator(wxFQDNListValidator(&(m_cfg.m_server_names)));
}
bool wxEAPTLSServerTrustPanel::TransferDataToWindow()
{
wxCHECK(wxEAPTLSServerTrustConfigPanelBase::TransferDataToWindow(), false);
// Populate trusted CA list.
for (std::list<winstd::cert_context>::const_iterator cert = m_cfg.m_trusted_root_ca.cbegin(), cert_end = m_cfg.m_trusted_root_ca.cend(); cert != cert_end; ++cert) {
winstd::tstring name;
if (CertGetNameString(*cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name) > 0)
m_root_ca->Append(wxString(name), new wxCertificateClientData(cert->duplicate()));
}
return true;
}
bool wxEAPTLSServerTrustPanel::TransferDataFromWindow()
{
// Parse trusted CA list.
m_cfg.m_trusted_root_ca.clear();
for (unsigned int i = 0, i_end = m_root_ca->GetCount(); i < i_end; i++) {
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(m_root_ca->GetClientObject(i));
if (cert)
m_cfg.add_trusted_ca(cert->m_cert->dwCertEncodingType, cert->m_cert->pbCertEncoded, cert->m_cert->cbCertEncoded);
}
return wxEAPTLSServerTrustConfigPanelBase::TransferDataFromWindow();
}
void wxEAPTLSServerTrustPanel::OnRootCA(wxCommandEvent& event)
{
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(event.GetClientObject());
m_root_ca_remove->Enable(cert ? true : false);
}
void wxEAPTLSServerTrustPanel::OnRootCADClick(wxCommandEvent& event)
{
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(event.GetClientObject());
if (cert)
CryptUIDlgViewContext(CERT_STORE_CERTIFICATE_CONTEXT, cert->m_cert, this->GetHWND(), NULL, 0, NULL);
}
void wxEAPTLSServerTrustPanel::OnRootCAAddStore(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
winstd::cert_store store;
if (store.create(NULL, _T("ROOT"))) {
winstd::cert_context cert;
cert.attach(CryptUIDlgSelectCertificateFromStore(store, this->GetHWND(), NULL, NULL, 0, 0, NULL));
if (cert)
AddRootCA(cert);
}
}
void wxEAPTLSServerTrustPanel::OnRootCAAddFile(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
const wxString separator(wxT("|"));
wxFileDialog open_dialog(this, _("Add Certificate"), wxEmptyString, wxEmptyString,
_("Certificate Files (*.cer;*.crt;*.der;*.p7b;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.p7b;*.pem") + separator +
_("X.509 Certificate Files (*.cer;*.crt;*.der;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.pem") + separator +
_("PKCS #7 Certificate Files (*.p7b)") + separator + wxT("*.p7b") + separator +
_("All Files (*.*)") + separator + wxT("*.*"),
wxFD_OPEN|wxFD_FILE_MUST_EXIST|wxFD_MULTIPLE);
if (open_dialog.ShowModal() == wxID_CANCEL) {
event.Skip();
return;
}
wxArrayString paths;
open_dialog.GetPaths(paths);
for (size_t i = 0, i_end = paths.GetCount(); i < i_end; i++) {
// Load certificate(s) from file.
winstd::cert_store cs;
if (cs.create(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, (LPCTSTR)(paths[i]))) {
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(cs, cert)) != NULL;)
AddRootCA(cert);
} else
wxMessageBox(wxString::Format(_("Invalid or unsupported certificate file %s"), paths[i]), _("Error"), wxOK | wxICON_EXCLAMATION, this);
}
}
void wxEAPTLSServerTrustPanel::OnRootCARemove(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
wxArrayInt selections;
for (int i = m_root_ca->GetSelections(selections); i--; )
m_root_ca->Delete(selections[i]);
m_root_ca_remove->Enable(false);
}
bool wxEAPTLSServerTrustPanel::AddRootCA(PCCERT_CONTEXT cert)
{
for (unsigned int i = 0, i_end = m_root_ca->GetCount(); i < i_end; i++) {
wxCertificateClientData *c = dynamic_cast<wxCertificateClientData*>(m_root_ca->GetClientObject(i));
if (c && c->m_cert &&
c->m_cert->cbCertEncoded == cert->cbCertEncoded &&
memcmp(c->m_cert->pbCertEncoded, cert->pbCertEncoded, cert->cbCertEncoded) == 0)
{
// This certificate is already on the list.
m_root_ca->SetSelection(i);
m_root_ca_remove->Enable();
return false;
}
}
// Add certificate to the list.
winstd::tstring name;
if (CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name) > 0) {
int i = m_root_ca->Append(wxString(name), new wxCertificateClientData(CertDuplicateCertificateContext(cert)));
if (0 <= i) {
m_root_ca->SetSelection(i);
m_root_ca_remove->Enable();
}
return true;
}
return false;
}
//////////////////////////////////////////////////////////////////////
// wxEAPTLSConfigPanel
//////////////////////////////////////////////////////////////////////
wxEAPTLSConfigPanel::wxEAPTLSConfigPanel(eap::config_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent) : wxPanel(parent)
{
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
m_server_trust = new wxEAPTLSServerTrustPanel(cfg, this);
if (cfg.m_allow_save) {
sb_content->Add(m_server_trust, 0, wxDOWN|wxEXPAND, 5);
m_credentials = new wxEAPTLSCredentialsConfigPanel(cfg, pszCredTarget, this);
sb_content->Add(m_credentials, 0, wxUP|wxEXPAND, 5);
} else {
sb_content->Add(m_server_trust, 0, wxEXPAND, 5);
m_credentials = NULL;
}
this->SetSizer(sb_content);
this->Layout();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTLSConfigPanel::OnInitDialog));
}
wxEAPTLSConfigPanel::~wxEAPTLSConfigPanel()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTLSConfigPanel::OnInitDialog));
}
void wxEAPTLSConfigPanel::OnInitDialog(wxInitDialogEvent& event)
{
// Forward the event to child panels.
m_server_trust->GetEventHandler()->ProcessEvent(event);
if (m_credentials)
m_credentials->GetEventHandler()->ProcessEvent(event);
}