Support for EapHost based inner methods has been (temporarily) disabled
parent
b87e30bc9d
commit
e7e484c814
@ -325,8 +325,8 @@ namespace eap
|
|||||||
///
|
///
|
||||||
/// \param[in] dwFlags A combination of [EAP flags](https://msdn.microsoft.com/en-us/library/windows/desktop/bb891975.aspx) that describe the EAP authentication session behavior
|
/// \param[in] dwFlags A combination of [EAP flags](https://msdn.microsoft.com/en-us/library/windows/desktop/bb891975.aspx) that describe the EAP authentication session behavior
|
||||||
/// \param[in] hTokenImpersonateUser Impersonation token for a logged-on user to collect user-related information
|
/// \param[in] hTokenImpersonateUser Impersonation token for a logged-on user to collect user-related information
|
||||||
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL, must be `credentials_eaphost*` type)
|
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL)
|
||||||
/// \param[in] cfg Method configuration (unused, as must be as config_method_eaphost is not derived from `config_method_with_cred`)
|
/// \param[in] cfg Method configuration (when derived from `config_method_with_cred`, metod attempt to load credentials from \p cfg)
|
||||||
/// \param[in] pszTargetName The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
|
/// \param[in] pszTargetName The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
|
||||||
///
|
///
|
||||||
/// \returns
|
/// \returns
|
||||||
|
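Review bot: The rewritten `cfg` parameter description has a typo and a dropped verb ending: `metod attempt to load credentials` should read `method attempts to load credentials`. The two printed variants can only be told apart by print order on this page, so I am assuming the second one is the new text. The function this comment documents lies outside the hunk.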
@ -267,7 +267,10 @@ eap::config_method* eap::config_method_ttls::make_config_method(_In_ winstd::eap
|
|||||||
switch (eap_type) {
|
switch (eap_type) {
|
||||||
case eap_type_legacy_pap : return new config_method_pap (m_module, m_level + 1);
|
case eap_type_legacy_pap : return new config_method_pap (m_module, m_level + 1);
|
||||||
case eap_type_legacy_mschapv2: return new config_method_mschapv2(m_module, m_level + 1);
|
case eap_type_legacy_mschapv2: return new config_method_mschapv2(m_module, m_level + 1);
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
default : return new config_method_eaphost (m_module, m_level + 1); // EapHost peer method handles all other method types
|
default : return new config_method_eaphost (m_module, m_level + 1); // EapHost peer method handles all other method types
|
||||||
|
#endif
|
||||||
|
default : throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -276,7 +279,9 @@ eap::config_method* eap::config_method_ttls::make_config_method(_In_ const wchar
|
|||||||
{
|
{
|
||||||
if (_wcsicmp(eap_type, L"PAP" ) == 0) return new config_method_pap (m_module, m_level + 1);
|
if (_wcsicmp(eap_type, L"PAP" ) == 0) return new config_method_pap (m_module, m_level + 1);
|
||||||
else if (_wcsicmp(eap_type, L"MSCHAPv2") == 0) return new config_method_mschapv2(m_module, m_level + 1);
|
else if (_wcsicmp(eap_type, L"MSCHAPv2") == 0) return new config_method_mschapv2(m_module, m_level + 1);
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
else if (_wcsicmp(eap_type, L"EapHost" ) == 0) return new config_method_eaphost (m_module, m_level + 1);
|
else if (_wcsicmp(eap_type, L"EapHost" ) == 0) return new config_method_eaphost (m_module, m_level + 1);
|
||||||
|
#endif
|
||||||
else throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
|
else throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
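Review bot: With `EAP_INNER_EAPHOST` defined, the `switch` in the `eap_type_t` overload of `make_config_method` ends up with two `default:` labels, because the new throwing `default` sits after `#endif` instead of in an `#else` branch, so re-enabling the feature will not compile. Insert `#else` before `default : throw invalid_argument(...)` and move the `#endif` after that line. The string overload in the following hunk does not have this problem, since its `else throw` legitimately follows the guarded `else if`. Rejecting unknown inner types with an exception is the right fail-closed behaviour for the disabled build.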
@ -227,23 +227,29 @@ EAP_SESSION_HANDLE eap::peer_ttls::begin_session(
|
|||||||
}
|
}
|
||||||
|
|
||||||
// We have configuration, we have credentials, create method.
|
// We have configuration, we have credentials, create method.
|
||||||
|
unique_ptr<method> meth_inner;
|
||||||
auto cfg_inner = cfg_method->m_inner.get();
|
auto cfg_inner = cfg_method->m_inner.get();
|
||||||
auto cred_inner = dynamic_cast<credentials_ttls*>(s->m_cred.m_cred.get())->m_inner.get();
|
auto cred_inner = dynamic_cast<credentials_ttls*>(s->m_cred.m_cred.get())->m_inner.get();
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
auto cfg_inner_eaphost = dynamic_cast<config_method_eaphost*>(cfg_inner);
|
auto cfg_inner_eaphost = dynamic_cast<config_method_eaphost*>(cfg_inner);
|
||||||
unique_ptr<method> meth_inner;
|
if (!cfg_inner_eaphost)
|
||||||
if (!cfg_inner_eaphost) {
|
#endif
|
||||||
|
{
|
||||||
// Native inner methods
|
// Native inner methods
|
||||||
switch (cfg_inner->get_method_id()) {
|
switch (cfg_inner->get_method_id()) {
|
||||||
case eap_type_legacy_pap : meth_inner.reset(new method_pap (*this, dynamic_cast<config_method_pap &>(*cfg_inner), dynamic_cast<credentials_pass&>(*cred_inner))); break;
|
case eap_type_legacy_pap : meth_inner.reset(new method_pap (*this, dynamic_cast<config_method_pap &>(*cfg_inner), dynamic_cast<credentials_pass&>(*cred_inner))); break;
|
||||||
case eap_type_legacy_mschapv2: meth_inner.reset(new method_mschapv2(*this, dynamic_cast<config_method_mschapv2&>(*cfg_inner), dynamic_cast<credentials_pass&>(*cred_inner))); break;
|
case eap_type_legacy_mschapv2: meth_inner.reset(new method_mschapv2(*this, dynamic_cast<config_method_mschapv2&>(*cfg_inner), dynamic_cast<credentials_pass&>(*cred_inner))); break;
|
||||||
default: throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
|
default: throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
|
||||||
}
|
}
|
||||||
} else {
|
}
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
|
else {
|
||||||
// EapHost inner method
|
// EapHost inner method
|
||||||
meth_inner.reset(
|
meth_inner.reset(
|
||||||
new method_eapmsg (*this, cred_inner->get_identity().c_str(),
|
new method_eapmsg (*this, cred_inner->get_identity().c_str(),
|
||||||
new method_eaphost(*this, *cfg_inner_eaphost, dynamic_cast<credentials_eaphost&>(*cred_inner))));
|
new method_eaphost(*this, *cfg_inner_eaphost, dynamic_cast<credentials_eaphost&>(*cred_inner))));
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
s->m_method.reset(
|
s->m_method.reset(
|
||||||
new method_eap (*this, eap_type_ttls,
|
new method_eap (*this, eap_type_ttls,
|
||||||
new method_defrag(*this,
|
new method_defrag(*this,
|
||||||
|
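Review bot: `cred_inner` is obtained with a pointer-form `dynamic_cast<credentials_ttls*>(...)` whose result is dereferenced through `->m_inner` without a null check, so a session holding credentials of a different type would dereference a null pointer instead of raising an error. The casts a few lines below use the reference form, which throws `std::bad_cast` on a mismatch; the same could be done here, e.g. `auto cred_inner = dynamic_cast<credentials_ttls&>(*s->m_cred.m_cred).m_inner.get();`. That line is unchanged context in this commit, and `begin_session` starts and ends outside the hunk, so there may be earlier validation that is not visible here.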
@ -106,7 +106,9 @@ protected:
|
|||||||
// Temporary inner method configurations to hold data until applied
|
// Temporary inner method configurations to hold data until applied
|
||||||
eap::config_method_pap m_cfg_pap; ///< PAP configuration
|
eap::config_method_pap m_cfg_pap; ///< PAP configuration
|
||||||
eap::config_method_mschapv2 m_cfg_mschapv2; ///< MSCHAPv2 configuration
|
eap::config_method_mschapv2 m_cfg_mschapv2; ///< MSCHAPv2 configuration
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
eap::config_method_eaphost m_cfg_eaphost; ///< Inner EAP configuration
|
eap::config_method_eaphost m_cfg_eaphost; ///< Inner EAP configuration
|
||||||
|
#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
/// @}
|
/// @}
|
||||||
|
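Review bot: Guarding the `m_cfg_eaphost` member with `#ifdef EAP_INNER_EAPHOST` makes the class layout depend on the macro, so every translation unit that includes this header must see the same definition or object size and member offsets will disagree between them. Where the macro is defined is not visible on this page; it should be set in one shared place (a common header or a project-wide build setting), not per source file. I would add a comment above the guard such as `// EAP_INNER_EAPHOST changes this class's layout; define it project-wide only`. The class declaration starts outside the hunk.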
@ -284,8 +284,11 @@ void eap::peer_ttls_ui::invoke_identity_ui(
|
|||||||
src_inner != eap::credentials::source_config && eap::config_method::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < eap::config_method::status_cred_end)
|
src_inner != eap::credentials::source_config && eap::config_method::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < eap::config_method::status_cred_end)
|
||||||
{
|
{
|
||||||
// Prompt for inner credentials.
|
// Prompt for inner credentials.
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
auto cfg_inner_eaphost = dynamic_cast<config_method_eaphost*>(cfg_method->m_inner.get());
|
auto cfg_inner_eaphost = dynamic_cast<config_method_eaphost*>(cfg_method->m_inner.get());
|
||||||
if (!cfg_inner_eaphost) {
|
if (!cfg_inner_eaphost)
|
||||||
|
#endif
|
||||||
|
{
|
||||||
// Native inner methods. Build dialog to prompt for inner credentials.
|
// Native inner methods. Build dialog to prompt for inner credentials.
|
||||||
wxEAPCredentialsDialog dlg(*cfg_prov, &parent);
|
wxEAPCredentialsDialog dlg(*cfg_prov, &parent);
|
||||||
if (eap::config_method::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < eap::config_method::status_cred_end)
|
if (eap::config_method::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < eap::config_method::status_cred_end)
|
||||||
@ -320,7 +323,9 @@ void eap::peer_ttls_ui::invoke_identity_ui(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
}
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
|
else {
|
||||||
// EapHost inner method
|
// EapHost inner method
|
||||||
auto cred_inner = dynamic_cast<eap::credentials_eaphost*>(cred->m_inner.get());
|
auto cred_inner = dynamic_cast<eap::credentials_eaphost*>(cred->m_inner.get());
|
||||||
DWORD cred_data_size = 0;
|
DWORD cred_data_size = 0;
|
||||||
@ -353,6 +358,7 @@ void eap::peer_ttls_ui::invoke_identity_ui(
|
|||||||
else
|
else
|
||||||
wxLogError(_("Invoking EAP identity UI failed (error %u)."), dwResult);
|
wxLogError(_("Invoking EAP identity UI failed (error %u)."), dwResult);
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
} else
|
} else
|
||||||
result = wxID_OK;
|
result = wxID_OK;
|
||||||
}
|
}
|
||||||
|
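Review bot: The `if (!cfg_inner_eaphost)` / `#endif` / `{` arrangement leaves a bare block that is a conditional body in one build and a plain scope in the other, which is easy to misread and easy to break in a later edit; the same shape is used in `peer_ttls::begin_session` and `wxTTLSConfigWindow::TransferDataToWindow`. Tagging the closing directives as `#endif // EAP_INNER_EAPHOST` and commenting the bare brace, e.g. `// body of the if above when EAP_INNER_EAPHOST is defined, plain scope otherwise`, would make the intent explicit. The body of `invoke_identity_ui` starts and ends outside these hunks.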
@ -102,7 +102,9 @@ void wxTTLSConfigPanel::OnUpdateUI(wxUpdateUIEvent& event)
|
|||||||
wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
|
wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
|
||||||
m_cfg_pap (cfg.m_module, cfg.m_level + 1),
|
m_cfg_pap (cfg.m_module, cfg.m_level + 1),
|
||||||
m_cfg_mschapv2(cfg.m_module, cfg.m_level + 1),
|
m_cfg_mschapv2(cfg.m_module, cfg.m_level + 1),
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
m_cfg_eaphost (cfg.m_module, cfg.m_level + 1),
|
m_cfg_eaphost (cfg.m_module, cfg.m_level + 1),
|
||||||
|
#endif
|
||||||
wxEAPConfigWindow(prov, cfg, parent)
|
wxEAPConfigWindow(prov, cfg, parent)
|
||||||
{
|
{
|
||||||
wxBoxSizer* sb_content;
|
wxBoxSizer* sb_content;
|
||||||
@ -122,8 +124,10 @@ wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_m
|
|||||||
m_inner_type->AddPage(panel_pap, _("PAP"));
|
m_inner_type->AddPage(panel_pap, _("PAP"));
|
||||||
wxMSCHAPv2ConfigPanel *panel_mschapv2 = new wxMSCHAPv2ConfigPanel(m_prov, m_cfg_mschapv2, m_inner_type);
|
wxMSCHAPv2ConfigPanel *panel_mschapv2 = new wxMSCHAPv2ConfigPanel(m_prov, m_cfg_mschapv2, m_inner_type);
|
||||||
m_inner_type->AddPage(panel_mschapv2, _("MSCHAPv2"));
|
m_inner_type->AddPage(panel_mschapv2, _("MSCHAPv2"));
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
wxEapHostConfigPanel *panel_eaphost = new wxEapHostConfigPanel(m_prov, m_cfg_eaphost, m_inner_type);
|
wxEapHostConfigPanel *panel_eaphost = new wxEapHostConfigPanel(m_prov, m_cfg_eaphost, m_inner_type);
|
||||||
m_inner_type->AddPage(panel_eaphost, _("Other EAP methods..."));
|
m_inner_type->AddPage(panel_eaphost, _("Other EAP methods..."));
|
||||||
|
#endif
|
||||||
sb_content->Add(m_inner_type, 0, wxALL|wxEXPAND, 5);
|
sb_content->Add(m_inner_type, 0, wxALL|wxEXPAND, 5);
|
||||||
|
|
||||||
sb_content->Add(20, 20, 1, wxALL|wxEXPAND, 5);
|
sb_content->Add(20, 20, 1, wxALL|wxEXPAND, 5);
|
||||||
@ -169,8 +173,11 @@ bool wxTTLSConfigWindow::TransferDataToWindow()
|
|||||||
{
|
{
|
||||||
auto &cfg_ttls = dynamic_cast<eap::config_method_ttls&>(m_cfg);
|
auto &cfg_ttls = dynamic_cast<eap::config_method_ttls&>(m_cfg);
|
||||||
|
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
auto cfg_inner_eaphost = dynamic_cast<eap::config_method_eaphost*>(cfg_ttls.m_inner.get());
|
auto cfg_inner_eaphost = dynamic_cast<eap::config_method_eaphost*>(cfg_ttls.m_inner.get());
|
||||||
if (!cfg_inner_eaphost) {
|
if (!cfg_inner_eaphost)
|
||||||
|
#endif
|
||||||
|
{
|
||||||
// Native inner methods
|
// Native inner methods
|
||||||
switch (cfg_ttls.m_inner->get_method_id()) {
|
switch (cfg_ttls.m_inner->get_method_id()) {
|
||||||
case winstd::eap_type_legacy_pap:
|
case winstd::eap_type_legacy_pap:
|
||||||
@ -186,11 +193,14 @@ bool wxTTLSConfigWindow::TransferDataToWindow()
|
|||||||
default:
|
default:
|
||||||
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
|
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
|
||||||
}
|
}
|
||||||
} else {
|
}
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
|
else {
|
||||||
// EapHost inner method
|
// EapHost inner method
|
||||||
m_cfg_eaphost = *cfg_inner_eaphost;
|
m_cfg_eaphost = *cfg_inner_eaphost;
|
||||||
m_inner_type->SetSelection(2); // 2=EapHost
|
m_inner_type->SetSelection(2); // 2=EapHost
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
// Do not invoke inherited TransferDataToWindow(), as it will call others TransferDataToWindow().
|
// Do not invoke inherited TransferDataToWindow(), as it will call others TransferDataToWindow().
|
||||||
// This will handle wxTTLSConfigWindow::OnInitDialog() via wxEVT_INIT_DIALOG forwarding.
|
// This will handle wxTTLSConfigWindow::OnInitDialog() via wxEVT_INIT_DIALOG forwarding.
|
||||||
@ -215,9 +225,11 @@ bool wxTTLSConfigWindow::TransferDataFromWindow()
|
|||||||
cfg_ttls.m_inner.reset(new eap::config_method_mschapv2(m_cfg_mschapv2));
|
cfg_ttls.m_inner.reset(new eap::config_method_mschapv2(m_cfg_mschapv2));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
#ifdef EAP_INNER_EAPHOST
|
||||||
case 2: // 2=EapHost
|
case 2: // 2=EapHost
|
||||||
cfg_ttls.m_inner.reset(new eap::config_method_eaphost(m_cfg_eaphost));
|
cfg_ttls.m_inner.reset(new eap::config_method_eaphost(m_cfg_eaphost));
|
||||||
break;
|
break;
|
||||||
|
#endif
|
||||||
|
|
||||||
default:
|
default:
|
||||||
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
|
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
|
||||||
|
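Review bot: The EapHost page is identified by the literal index `2` in `SetSelection(2)` and `case 2:`, which is only correct while the pages are added in exactly the order PAP, MSCHAPv2, EapHost; now that the third page is compiled conditionally, any page later added under a different guard would silently shift that mapping. A shared set of named indices used by the constructor, `TransferDataToWindow` and `TransferDataFromWindow` would keep them in step, e.g. `enum { page_pap, page_mschapv2, page_eaphost };`. The `default:` branches rely on `wxFAIL_MSG`, which as far as I know is active only in debug builds, so a release build would ignore an unsupported inner method here without any report.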