Support for EapHost based inner methods has been (temporarily) disabled

Simon Rozman 2016-11-03 10:23:30 +01:00
parent b87e30bc9d
commit e7e484c814
6 changed files with 40 additions and 9 deletions


@ -325,8 +325,8 @@ namespace eap
///
/// \param[in] dwFlags A combination of [EAP flags](https://msdn.microsoft.com/en-us/library/windows/desktop/bb891975.aspx) that describe the EAP authentication session behavior
/// \param[in] hTokenImpersonateUser Impersonation token for a logged-on user to collect user-related information
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL, must be `credentials_eaphost*` type)
/// \param[in] cfg Method configuration (unused, as must be as config_method_eaphost is not derived from `config_method_with_cred`)
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL)
/// \param[in] cfg Method configuration (when derived from `config_method_with_cred`, metod attempt to load credentials from \p cfg)
/// \param[in] pszTargetName The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
///
/// \returns


@ -267,7 +267,10 @@ eap::config_method* eap::config_method_ttls::make_config_method(_In_ winstd::eap
switch (eap_type) {
case eap_type_legacy_pap : return new config_method_pap (m_module, m_level + 1);
case eap_type_legacy_mschapv2: return new config_method_mschapv2(m_module, m_level + 1);
#ifdef EAP_INNER_EAPHOST
default : return new config_method_eaphost (m_module, m_level + 1); // EapHost peer method handles all other method types
#endif
default : throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
}
}
@ -276,7 +279,9 @@ eap::config_method* eap::config_method_ttls::make_config_method(_In_ const wchar
{
if (_wcsicmp(eap_type, L"PAP" ) == 0) return new config_method_pap (m_module, m_level + 1);
else if (_wcsicmp(eap_type, L"MSCHAPv2") == 0) return new config_method_mschapv2(m_module, m_level + 1);
#ifdef EAP_INNER_EAPHOST
else if (_wcsicmp(eap_type, L"EapHost" ) == 0) return new config_method_eaphost (m_module, m_level + 1);
#endif
else throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
}
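Review bot: With `EAP_INNER_EAPHOST` defined, the `switch` in the `eap_type_t` overload of `make_config_method` appears to end up with two `default:` labels, the EapHost one inside the `#ifdef` and the throwing one right after `#endif`, and a duplicate `default` does not compile. Placing the throwing label under `#else`, so that `#endif` follows it, keeps both configurations buildable, which matters because the commit describes the disablement as temporary. The string overload below is not affected, since its `else throw` chain stays valid whether or not the EapHost branch is compiled in.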


@ -227,23 +227,29 @@ EAP_SESSION_HANDLE eap::peer_ttls::begin_session(
}
// We have configuration, we have credentials, create method.
unique_ptr<method> meth_inner;
auto cfg_inner = cfg_method->m_inner.get();
auto cred_inner = dynamic_cast<credentials_ttls*>(s->m_cred.m_cred.get())->m_inner.get();
#ifdef EAP_INNER_EAPHOST
auto cfg_inner_eaphost = dynamic_cast<config_method_eaphost*>(cfg_inner);
unique_ptr<method> meth_inner;
if (!cfg_inner_eaphost) {
if (!cfg_inner_eaphost)
#endif
{
// Native inner methods
switch (cfg_inner->get_method_id()) {
case eap_type_legacy_pap : meth_inner.reset(new method_pap (*this, dynamic_cast<config_method_pap &>(*cfg_inner), dynamic_cast<credentials_pass&>(*cred_inner))); break;
case eap_type_legacy_mschapv2: meth_inner.reset(new method_mschapv2(*this, dynamic_cast<config_method_mschapv2&>(*cfg_inner), dynamic_cast<credentials_pass&>(*cred_inner))); break;
default: throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
}
} else {
}
#ifdef EAP_INNER_EAPHOST
else {
// EapHost inner method
meth_inner.reset(
new method_eapmsg (*this, cred_inner->get_identity().c_str(),
new method_eaphost(*this, *cfg_inner_eaphost, dynamic_cast<credentials_eaphost&>(*cred_inner))));
}
#endif
s->m_method.reset(
new method_eap (*this, eap_type_ttls,
new method_defrag(*this,
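Review bot: `cred_inner` is taken through a pointer cast, `dynamic_cast<credentials_ttls*>(s->m_cred.m_cred.get())->m_inner.get()`, and the cast result is dereferenced without a null check, while the method construction a few lines below uses reference casts that throw `std::bad_cast` on a type mismatch. If the session ever holds credentials of another type, this line dereferences a null pointer inside the peer instead of failing cleanly, and `*cred_inner` in the native branch has the same exposure when `m_inner` is empty. A reference cast, `auto &cred_ttls = dynamic_cast<credentials_ttls&>(*s->m_cred.m_cred);`, plus an explicit check that `cred_ttls.m_inner` is set would make both cases throw like the rest of the block. `begin_session` starts and ends outside this hunk, so an earlier check may already cover this; a comment saying so would be enough in that case.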


@ -106,7 +106,9 @@ protected:
// Temporary inner method configurations to hold data until applied
eap::config_method_pap m_cfg_pap; ///< PAP configuration
eap::config_method_mschapv2 m_cfg_mschapv2; ///< MSCHAPv2 configuration
#ifdef EAP_INNER_EAPHOST
eap::config_method_eaphost m_cfg_eaphost; ///< Inner EAP configuration
#endif
};
/// @}
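Review bot: Putting `m_cfg_eaphost` under `#ifdef EAP_INNER_EAPHOST` makes the size and member layout of this class depend on the macro, so every translation unit that includes the header has to see the same definition. A mismatch is an ODR violation that usually surfaces as memory corruption at run time rather than as a build error. The page does not show where the macro is defined; it should live in one shared place (a common header or project-wide build setting), and the member deserves a comment such as `// NOTE: EAP_INNER_EAPHOST changes this class's layout; define it project-wide, never per file`. The class declaration begins outside this hunk.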


@ -284,8 +284,11 @@ void eap::peer_ttls_ui::invoke_identity_ui(
src_inner != eap::credentials::source_config && eap::config_method::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < eap::config_method::status_cred_end)
{
// Prompt for inner credentials.
#ifdef EAP_INNER_EAPHOST
auto cfg_inner_eaphost = dynamic_cast<config_method_eaphost*>(cfg_method->m_inner.get());
if (!cfg_inner_eaphost) {
if (!cfg_inner_eaphost)
#endif
{
// Native inner methods. Build dialog to prompt for inner credentials.
wxEAPCredentialsDialog dlg(*cfg_prov, &parent);
if (eap::config_method::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < eap::config_method::status_cred_end)
@ -320,7 +323,9 @@ void eap::peer_ttls_ui::invoke_identity_ui(
}
}
}
} else {
}
#ifdef EAP_INNER_EAPHOST
else {
// EapHost inner method
auto cred_inner = dynamic_cast<eap::credentials_eaphost*>(cred->m_inner.get());
DWORD cred_data_size = 0;
@ -353,6 +358,7 @@ void eap::peer_ttls_ui::invoke_identity_ui(
else
wxLogError(_("Invoking EAP identity UI failed (error %u)."), dwResult);
}
#endif
} else
result = wxID_OK;
}
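Review bot: The `#endif` that closes the EapHost branch sits a few dozen lines below its `#ifdef` (the hunk headers jump from line 323 to line 358) and nothing marks which conditional it ends; `#endif // EAP_INNER_EAPHOST` would make the pairing readable. The `if (!cfg_inner_eaphost)` / `#endif` / `{` arrangement also turns the native branch into a bare scope when the macro is undefined, which is easy to break in a later edit, so a one-line comment above the `{` such as `// Unconditional block when EAP_INNER_EAPHOST is undefined` is worth adding. The same pattern appears in `peer_ttls::begin_session` and `wxTTLSConfigWindow::TransferDataToWindow`. `invoke_identity_ui` begins and ends outside these hunks.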


@ -102,7 +102,9 @@ void wxTTLSConfigPanel::OnUpdateUI(wxUpdateUIEvent& event)
wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
m_cfg_pap (cfg.m_module, cfg.m_level + 1),
m_cfg_mschapv2(cfg.m_module, cfg.m_level + 1),
#ifdef EAP_INNER_EAPHOST
m_cfg_eaphost (cfg.m_module, cfg.m_level + 1),
#endif
wxEAPConfigWindow(prov, cfg, parent)
{
wxBoxSizer* sb_content;
@ -122,8 +124,10 @@ wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_m
m_inner_type->AddPage(panel_pap, _("PAP"));
wxMSCHAPv2ConfigPanel *panel_mschapv2 = new wxMSCHAPv2ConfigPanel(m_prov, m_cfg_mschapv2, m_inner_type);
m_inner_type->AddPage(panel_mschapv2, _("MSCHAPv2"));
#ifdef EAP_INNER_EAPHOST
wxEapHostConfigPanel *panel_eaphost = new wxEapHostConfigPanel(m_prov, m_cfg_eaphost, m_inner_type);
m_inner_type->AddPage(panel_eaphost, _("Other EAP methods..."));
#endif
sb_content->Add(m_inner_type, 0, wxALL|wxEXPAND, 5);
sb_content->Add(20, 20, 1, wxALL|wxEXPAND, 5);
@ -169,8 +173,11 @@ bool wxTTLSConfigWindow::TransferDataToWindow()
{
auto &cfg_ttls = dynamic_cast<eap::config_method_ttls&>(m_cfg);
#ifdef EAP_INNER_EAPHOST
auto cfg_inner_eaphost = dynamic_cast<eap::config_method_eaphost*>(cfg_ttls.m_inner.get());
if (!cfg_inner_eaphost) {
if (!cfg_inner_eaphost)
#endif
{
// Native inner methods
switch (cfg_ttls.m_inner->get_method_id()) {
case winstd::eap_type_legacy_pap:
@ -186,11 +193,14 @@ bool wxTTLSConfigWindow::TransferDataToWindow()
default:
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
}
} else {
}
#ifdef EAP_INNER_EAPHOST
else {
// EapHost inner method
m_cfg_eaphost = *cfg_inner_eaphost;
m_inner_type->SetSelection(2); // 2=EapHost
}
#endif
// Do not invoke inherited TransferDataToWindow(), as it will call others TransferDataToWindow().
// This will handle wxTTLSConfigWindow::OnInitDialog() via wxEVT_INIT_DIALOG forwarding.
@ -215,9 +225,11 @@ bool wxTTLSConfigWindow::TransferDataFromWindow()
cfg_ttls.m_inner.reset(new eap::config_method_mschapv2(m_cfg_mschapv2));
break;
#ifdef EAP_INNER_EAPHOST
case 2: // 2=EapHost
cfg_ttls.m_inner.reset(new eap::config_method_eaphost(m_cfg_eaphost));
break;
#endif
default:
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));