Amebis/GEANTLink
Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Functions using EAP_ERROR descriptor return bool now for code simplicity

Browse Source
This commit is contained in:
Simon Rozman 2016-06-15 22:59:52 +02:00
parent 03358170f4
commit ec0b283540
27 changed files with 686 additions and 515 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
CredWrite/Main.cpp
View File

@ -82,27 +82,26 @@ static int CredWrite()
// Write credentials.
EAP_ERROR *pEapError = NULL;
DWORD dwResult;
#ifdef _DEBUG
{
eap::credentials_pap cred_stored(g_module);
if ((dwResult = cred_stored.retrieve(target_name.c_str(), &pEapError)) != ERROR_SUCCESS) {
if (!cred_stored.retrieve(target_name.c_str(), &pEapError)) {
if (pEapError) {
OutputDebugStr(_T("%ls (error %u)\n"), pEapError->pRootCauseString, pEapError->dwWinError);
g_module.free_error_memory(pEapError);
pEapError = NULL;
} else
OutputDebugStr(_T("Reading credentials failed (error %u).\n"), dwResult);
OutputDebugStr(_T("Reading credentials failed.\n"));
}
}
#endif
if ((dwResult = cred.store(target_name.c_str(), &pEapError)) != ERROR_SUCCESS) {
if (!cred.store(target_name.c_str(), &pEapError)) {
if (pEapError) {
OutputDebugStr(_T("%ls (error %u)\n"), pEapError->pRootCauseString, pEapError->dwWinError);
g_module.free_error_memory(pEapError);
pEapError = NULL;
} else
OutputDebugStr(_T("Writing credentials failed (error %u).\n"), dwResult);
OutputDebugStr(_T("Writing credentials failed.\n"));
return 2;
}

55
EAPMethods/src/Main.cpp
View File

@ -136,7 +136,7 @@ DWORD APIENTRY EapPeerInitialize(_Out_ EAP_ERROR **ppEapError)
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else
dwResult = g_peer.initialize(ppEapError);
dwResult = g_peer.initialize(ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -158,7 +158,7 @@ DWORD APIENTRY EapPeerShutdown(_Out_ EAP_ERROR **ppEapError)
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else
dwResult = g_peer.shutdown(ppEapError);
dwResult = g_peer.shutdown(ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -214,7 +214,7 @@ DWORD APIENTRY EapPeerGetIdentity(
pdwUserDataOutSize,
ppUserDataOut,
ppwszIdentity,
ppEapError);
ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -252,22 +252,18 @@ DWORD APIENTRY EapPeerBeginSession(
else if (!phSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" phSession is NULL."), NULL);
else {
*phSession = NULL;
// Allocate new session.
eap::session *session = new _EAPMETHOD_SESSION();
std::unique_ptr<_EAPMETHOD_SESSION> session(new _EAPMETHOD_SESSION(g_peer));
if (!session)
return dwResult = ERROR_OUTOFMEMORY;
// Begin the session.
dwResult = session->begin(dwFlags, pAttributeArray, hTokenImpersonateUser, dwConnectionDataSize, pConnectionData, dwUserDataSize, pUserData, dwMaxSendPacketSize, ppEapError);
if (dwResult != ERROR_SUCCESS) {
// Cleanup.
delete session;
*phSession = NULL;
return dwResult;
}
if (!session->begin(dwFlags, pAttributeArray, hTokenImpersonateUser, dwConnectionDataSize, pConnectionData, dwUserDataSize, pUserData, dwMaxSendPacketSize, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
assert(phSession);
*phSession = session;
*phSession = session.release();
}
return dwResult;
@ -292,8 +288,8 @@ DWORD APIENTRY EapPeerEndSession(_In_ EAP_SESSION_HANDLE hSession, _Out_ EAP_ERR
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
else {
dwResult = static_cast<eap::session*>(hSession)->end(ppEapError);
delete static_cast<eap::session*>(hSession);
static_cast<_EAPMETHOD_SESSION*>(hSession)->end(ppEapError);
delete static_cast<_EAPMETHOD_SESSION*>(hSession);
}
return dwResult;
@ -327,7 +323,7 @@ DWORD APIENTRY EapPeerProcessRequestPacket(
else if (!pEapOutput)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapOutput is NULL."), NULL);
else
dwResult = static_cast<eap::session*>(hSession)->process_request_packet(dwReceivedPacketSize, pReceivedPacket, pEapOutput, ppEapError);
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->process_request_packet(dwReceivedPacketSize, pReceivedPacket, pEapOutput, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -359,7 +355,7 @@ DWORD APIENTRY EapPeerGetResponsePacket(
else if (!pSendPacket && *pdwSendPacketSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pSendPacket is NULL."), NULL);
else
dwResult = static_cast<eap::session*>(hSession)->get_response_packet(pdwSendPacketSize, pSendPacket, ppEapError);
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->get_response_packet(pdwSendPacketSize, pSendPacket, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -385,7 +381,7 @@ DWORD APIENTRY EapPeerGetResult(_In_ EAP_SESSION_HANDLE hSession, _In_ EapPeerMe
else if (!ppResult)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppResult is NULL."), NULL);
else
dwResult = static_cast<eap::session*>(hSession)->get_result(reason, ppResult, ppEapError);
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->get_result(reason, ppResult, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -419,7 +415,7 @@ DWORD APIENTRY EapPeerGetUIContext(
else if (!ppUIContextData)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppUIContextData is NULL."), NULL);
else
dwResult = static_cast<eap::session*>(hSession)->get_ui_context(pdwUIContextDataSize, ppUIContextData, ppEapError);
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(pdwUIContextDataSize, ppUIContextData, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -454,7 +450,7 @@ DWORD APIENTRY EapPeerSetUIContext(
else if (!pEapOutput)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapOutput is NULL."), NULL);
else
dwResult = static_cast<eap::session*>(hSession)->set_ui_context(dwUIContextDataSize, pUIContextData, pEapOutput, ppEapError);
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(dwUIContextDataSize, pUIContextData, pEapOutput, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -480,7 +476,7 @@ DWORD APIENTRY EapPeerGetResponseAttributes(_In_ EAP_SESSION_HANDLE hSession, _O
else if (!pAttribs)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pAttribs is NULL."), NULL);
else
dwResult = static_cast<eap::session*>(hSession)->get_response_attributes(pAttribs, ppEapError);
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->get_response_attributes(pAttribs, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -506,7 +502,7 @@ DWORD APIENTRY EapPeerSetResponseAttributes(_In_ EAP_SESSION_HANDLE hSession, _I
else if (!pEapOutput)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapOutput is NULL."), NULL);
else
dwResult = static_cast<eap::session*>(hSession)->set_response_attributes(pAttribs, pEapOutput, ppEapError);
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->set_response_attributes(pAttribs, pEapOutput, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -557,7 +553,7 @@ DWORD WINAPI EapPeerGetMethodProperties(
dwUserDataSize,
pUserData,
pMethodPropertyArray,
ppEapError);
ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -613,9 +609,8 @@ DWORD WINAPI EapPeerCredentialsXml2Blob(
// Load credentials.
pCredentialsDoc->setProperty(winstd::bstr(L"SelectionNamespaces"), winstd::variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER::identity_type cred(g_peer);
dwResult = cred.load(pXmlElCredentials, ppEapError);
if (dwResult != ERROR_SUCCESS)
return dwResult;
if (!cred.load(pXmlElCredentials, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for credentials.
assert(ppCredentialsOut);
@ -674,7 +669,7 @@ DWORD WINAPI EapPeerQueryCredentialInputFields(
dwEapConnDataSize,
pEapConnData,
pEapConfigInputFieldsArray,
ppEapError);
ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -725,7 +720,7 @@ DWORD WINAPI EapPeerQueryUserBlobFromCredentialInputFields(
pEapConfigInputFieldArray,
pdwUsersBlobSize,
ppUserBlob,
ppEapError);
ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -767,7 +762,7 @@ DWORD WINAPI EapPeerQueryInteractiveUIInputFields(
pUIContextData,
pEapInteractiveUIData,
ppEapError,
pvReserved);
pvReserved) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}
@ -815,7 +810,7 @@ DWORD WINAPI EapPeerQueryUIBlobFromInteractiveUIInputFields(
pdwDataFromInteractiveUISize,
ppDataFromInteractiveUI,
ppEapError,
ppvReserved);
ppvReserved) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult;
}

21
EAPMethods/src/Main_UI.cpp
View File

@ -130,9 +130,8 @@ DWORD WINAPI EapPeerConfigXml2Blob(
// Load configuration.
pConfigDoc->setProperty(winstd::bstr(L"SelectionNamespaces"), winstd::variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
dwResult = cfg.load(pXmlElConfig, ppEapError);
if (dwResult != ERROR_SUCCESS)
return dwResult;
if (!cfg.load(pXmlElConfig, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for configuration.
assert(ppConfigOut);
@ -225,8 +224,8 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
// Save all providers.
pDoc->setProperty(winstd::bstr(L"SelectionNamespaces"), winstd::variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
if ((dwResult = cfg.save(pDoc, pXmlElConfig, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!cfg.save(pDoc, pXmlElConfig, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
*ppConfigDoc = pDoc.detach();
}
@ -281,8 +280,8 @@ DWORD WINAPI EapPeerInvokeConfigUI(
assert(cursor - pConnectionDataIn <= (ptrdiff_t)dwConnectionDataInSize);
}
if ((dwResult = g_peer.invoke_config_ui(hwndParent, cfg, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!g_peer.invoke_config_ui(hwndParent, cfg, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for configuration.
assert(ppConnectionDataOut);
@ -364,8 +363,8 @@ DWORD WINAPI EapPeerInvokeIdentityUI(
assert(cursor - pUserData <= (ptrdiff_t)dwUserDataSize);
}
if ((dwResult = g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, usr, ppwszIdentity, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, usr, ppwszIdentity, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for user data.
assert(ppUserDataOut);
@ -432,8 +431,8 @@ DWORD WINAPI EapPeerInvokeInteractiveUI(
}
_EAPMETHOD_PEER_UI::interactive_response_type res;
if ((dwResult = g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for user data.
assert(ppDataFromInteractiveUI);

133
lib/EAPBase/include/Config.h
View File

@ -164,11 +164,6 @@ namespace eap
///
config(_Inout_ config &&other);
///
/// Destructs configuration
///
virtual ~config();
///
/// Copies configuration
///
@ -205,10 +200,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const = 0;
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const = 0;
///
/// Load configuration from XML document
@ -217,10 +212,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) = 0;
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) = 0;
/// @}
@ -330,10 +325,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const winstd::bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
@ -342,27 +337,27 @@ namespace eap
winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), winstd::bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ClientSideCredential> element."), NULL);
return dwResult;
return false;
}
// <ClientSideCredential>/<allow-save>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"allow-save"), bstrNamespace, m_allow_save)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <allow-save> element."), NULL);
return dwResult;
return false;
}
// <ClientSideCredential>/<AnonymousIdentity>
if (!m_anonymous_identity.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"AnonymousIdentity"), bstrNamespace, winstd::bstr(m_anonymous_identity))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <AnonymousIdentity> element."), NULL);
return dwResult;
return false;
}
if (m_use_preshared)
if ((dwResult = m_preshared.save(pDoc, pXmlElClientSideCredential, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!m_preshared.save(pDoc, pXmlElClientSideCredential, ppEapError))
return false;
return ERROR_SUCCESS;
return true;
}
@ -373,13 +368,11 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult;
m_allow_save = true;
m_use_preshared = false;
m_preshared.clear();
@ -394,7 +387,7 @@ namespace eap
// <AnonymousIdentity>
eapxml::get_element_value(pXmlElClientSideCredential, winstd::bstr(L"eap-metadata:AnonymousIdentity"), m_anonymous_identity);
if ((dwResult = m_preshared.load(pXmlElClientSideCredential, ppEapError)) != ERROR_SUCCESS) {
if (!m_preshared.load(pXmlElClientSideCredential, ppEapError)) {
// This is not really an error - merely an indication pre-shared credentials are unavailable.
if (*ppEapError) {
m_module.free_error_memory(*ppEapError);
@ -404,7 +397,7 @@ namespace eap
m_use_preshared = true;
}
return ERROR_SUCCESS;
return true;
}
/// @}
@ -527,10 +520,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const winstd::bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
@ -540,42 +533,42 @@ namespace eap
if (!m_id.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, winstd::bstr(L"ID"), bstrNamespace, winstd::bstr(m_id))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ID> element."), NULL);
return dwResult;
return false;
}
// <ProviderInfo>
winstd::com_obj<IXMLDOMElement> pXmlElProviderInfo;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ProviderInfo"), winstd::bstr(L"ProviderInfo"), bstrNamespace, &pXmlElProviderInfo)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ProviderInfo> element."), NULL);
return dwResult;
return false;
}
// <ProviderInfo>/<CredentialPrompt>
if (!m_lbl_alt_credential.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, winstd::bstr(L"CredentialPrompt"), bstrNamespace, winstd::bstr(m_lbl_alt_credential))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <CredentialPrompt> element."), NULL);
return dwResult;
return false;
}
// <ProviderInfo>/<UserNameLabel>
if (!m_lbl_alt_identity.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, winstd::bstr(L"UserNameLabel"), bstrNamespace, winstd::bstr(m_lbl_alt_identity))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <UserNameLabel> element."), NULL);
return dwResult;
return false;
}
// <ProviderInfo>/<PasswordLabel>
if (!m_lbl_alt_password.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, winstd::bstr(L"PasswordLabel"), bstrNamespace, winstd::bstr(m_lbl_alt_password))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <PasswordLabel> element."), NULL);
return dwResult;
return false;
}
// <AuthenticationMethods>
winstd::com_obj<IXMLDOMElement> pXmlElAuthenticationMethods;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:AuthenticationMethods"), winstd::bstr(L"AuthenticationMethods"), bstrNamespace, &pXmlElAuthenticationMethods)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <AuthenticationMethods> element."), NULL);
return dwResult;
return false;
}
for (std::list<_Tmeth>::const_iterator method = m_methods.cbegin(), method_end = m_methods.cend(); method != method_end; ++method) {
@ -583,20 +576,20 @@ namespace eap
winstd::com_obj<IXMLDOMElement> pXmlElAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"AuthenticationMethod"), bstrNamespace, &pXmlElAuthenticationMethod))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <AuthenticationMethod> element."), NULL);
return dwResult;
return false;
}
// <AuthenticationMethod>/...
if ((dwResult = method->save(pDoc, pXmlElAuthenticationMethod, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!method->save(pDoc, pXmlElAuthenticationMethod, ppEapError))
return false;
if (FAILED(hr = pXmlElAuthenticationMethods->appendChild(pXmlElAuthenticationMethod, NULL))) {
*ppEapError = m_module.make_error(dwResult = HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <AuthenticationMethod> element."), NULL);
return dwResult;
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <AuthenticationMethod> element."), NULL);
return false;
}
}
return dwResult;
return true;
}
@ -607,10 +600,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(pConfigRoot);
assert(ppEapError);
@ -642,8 +635,8 @@ namespace eap
m_methods.clear();
winstd::com_obj<IXMLDOMNodeList> pXmlListMethods;
if ((dwResult = eapxml::select_nodes(pConfigRoot, winstd::bstr(L"eap-metadata:AuthenticationMethods/eap-metadata:AuthenticationMethod"), &pXmlListMethods)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult = ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <AuthenticationMethods>/<AuthenticationMethod> elements."), NULL);
return dwResult;
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <AuthenticationMethods>/<AuthenticationMethod> elements."), NULL);
return false;
}
long lCount = 0;
pXmlListMethods->get_length(&lCount);
@ -663,15 +656,14 @@ namespace eap
}
// Load configuration.
dwResult = cfg.load(pXmlElMethod, ppEapError);
if (dwResult != ERROR_SUCCESS)
return dwResult;
if (!cfg.load(pXmlElMethod, ppEapError))
return false;
// Add configuration to the list.
m_methods.push_back(std::move(cfg));
}
return ERROR_SUCCESS;
return true;
}
/// @}
@ -772,10 +764,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const winstd::bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
@ -784,8 +776,8 @@ namespace eap
// Select <EAPIdentityProviderList> node.
winstd::com_obj<IXMLDOMNode> pXmlElIdentityProviderList;
if ((dwResult = eapxml::select_node(pConfigRoot, winstd::bstr(L"eap-metadata:EAPIdentityProviderList"), &pXmlElIdentityProviderList)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult = ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <EAPIdentityProviderList> element."), NULL);
return dwResult;
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <EAPIdentityProviderList> element."), NULL);
return false;
}
for (std::list<_Tprov>::const_iterator provider = m_providers.cbegin(), provider_end = m_providers.cend(); provider != provider_end; ++provider) {
@ -793,20 +785,20 @@ namespace eap
winstd::com_obj<IXMLDOMElement> pXmlElIdentityProvider;
if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"EAPIdentityProvider"), bstrNamespace, &pXmlElIdentityProvider))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <EAPIdentityProvider> element."), NULL);
return dwResult;
return false;
}
// <EAPIdentityProvider>/...
if ((dwResult = provider->save(pDoc, pXmlElIdentityProvider, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!provider->save(pDoc, pXmlElIdentityProvider, ppEapError))
return false;
if (FAILED(hr = pXmlElIdentityProviderList->appendChild(pXmlElIdentityProvider, NULL))) {
*ppEapError = m_module.make_error(dwResult = HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <EAPIdentityProvider> element."), NULL);
return dwResult;
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <EAPIdentityProvider> element."), NULL);
return false;
}
}
return dwResult;
return true;
}
@ -817,10 +809,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(pConfigRoot);
assert(ppEapError);
@ -829,8 +821,8 @@ namespace eap
// Iterate authentication providers (<EAPIdentityProvider>).
winstd::com_obj<IXMLDOMNodeList> pXmlListProviders;
if ((dwResult = eapxml::select_nodes(pConfigRoot, winstd::bstr(L"eap-metadata:EAPIdentityProviderList/eap-metadata:EAPIdentityProvider"), &pXmlListProviders)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult = ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <EAPIdentityProviderList><EAPIdentityProvider> elements."), NULL);
return dwResult;
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <EAPIdentityProviderList><EAPIdentityProvider> elements."), NULL);
return false;
}
long lCount = 0;
pXmlListProviders->get_length(&lCount);
@ -841,15 +833,14 @@ namespace eap
_Tprov prov(m_module);
// Load provider.
dwResult = prov.load(pXmlElProvider, ppEapError);
if (dwResult != ERROR_SUCCESS)
return dwResult;
if (!prov.load(pXmlElProvider, ppEapError))
return false;
// Add provider to the list.
m_providers.push_back(std::move(prov));
}
return dwResult;
return true;
}
/// @}

48
lib/EAPBase/include/Credentials.h
View File

@ -169,10 +169,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
///
/// Load credentials from XML document
@ -181,10 +181,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
/// @}
@ -198,10 +198,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const = 0;
virtual bool store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const = 0;
///
/// Retrieve credentials from Windows Credential Manager
@ -210,10 +210,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) = 0;
virtual bool retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) = 0;
///
/// Return target suffix for Windows Credential Manager credential name
@ -307,10 +307,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
///
/// Load credentials from XML document
@ -319,10 +319,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
/// @}
@ -336,10 +336,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const;
virtual bool store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const;
///
/// Retrieve credentials from Windows Credential Manager
@ -348,10 +348,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError);
virtual bool retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError);
/// @}

211
lib/EAPBase/include/Module.h
View File

@ -120,10 +120,10 @@ namespace eap
/// \param[out] hHash Handle of hashing object
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
DWORD encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const;
bool encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const;
///
@ -136,11 +136,11 @@ namespace eap
/// \param[out] hHash Handle of hashing object
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Elem, class _Traits, class _Ax>
DWORD encrypt(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<_Elem, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
bool encrypt(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<_Elem, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
{
return encrypt(hProv, val.c_str(), val.length*sizeof(_Elem), enc, ppEapError, hHash);
}
@ -156,11 +156,11 @@ namespace eap
/// \param[out] hHash Handle of hashing object
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Traits, class _Ax>
DWORD encrypt(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<wchar_t, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
bool encrypt(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<wchar_t, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
{
winstd::sanitizing_string val_utf8;
WideCharToMultiByte(CP_UTF8, 0, val.c_str(), (int)val.length(), val_utf8, NULL, NULL);
@ -178,10 +178,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
DWORD encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const;
bool encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const;
///
@ -193,11 +193,11 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Elem, class _Traits, class _Ax>
DWORD encrypt_md5(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<_Elem, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const
bool encrypt_md5(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<_Elem, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const
{
return encrypt_md5(hProv, val.c_str(), val.length()*sizeof(_Elem), enc, ppEapError);
}
@ -212,11 +212,11 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Traits, class _Ax>
DWORD encrypt_md5(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<wchar_t, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const
bool encrypt_md5(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<wchar_t, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const
{
winstd::sanitizing_string val_utf8;
WideCharToMultiByte(CP_UTF8, 0, val.c_str(), (int)val.length(), val_utf8, NULL, NULL);
@ -235,14 +235,13 @@ namespace eap
/// \param[out] hHash Handle of hashing object
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Ty, class _Ax>
DWORD decrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<_Ty, _Ax> &dec, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
bool decrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<_Ty, _Ax> &dec, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
{
assert(ppEapError);
DWORD dwResult;
// Import the private key.
HRSRC res = FindResource(m_instance, MAKEINTRESOURCE(IDR_EAP_KEY_PRIVATE), RT_RCDATA);
@ -253,26 +252,26 @@ namespace eap
unique_ptr<unsigned char[], LocalFree_delete<unsigned char[]> > keyinfo_data;
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, (const BYTE*)::LockResource(res_handle), ::SizeofResource(m_instance, res), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."), NULL);
return false;
}
if (!key.import(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Private key import failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Private key import failed."), NULL);
return false;
}
// Decrypt the data using our private key.
vector<unsigned char, sanitizing_allocator<unsigned char> > buf(size);
memcpy(buf.data(), data, size);
if (!CryptDecrypt(key, hHash, TRUE, 0, buf)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Decrypting password failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Decrypting password failed."), NULL);
return false;
}
dec.assign(buf.begin(), buf.end());
return ERROR_SUCCESS;
return true;
}
@ -287,20 +286,18 @@ namespace eap
/// \param[out] hHash Handle of hashing object
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Elem, class _Traits, class _Ax>
DWORD decrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::basic_string<_Elem, _Traits, _Ax> &dec, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
bool decrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::basic_string<_Elem, _Traits, _Ax> &dec, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
{
DWORD dwResult;
std::vector<_Elem, sanitizing_allocator<_Elem> > buf;
if ((dwResult = decrypt(hProv, data, size, buf, ppEapError, hHash)) != ERROR_SUCCESS)
return dwResult;
if (!decrypt(hProv, data, size, buf, ppEapError, hHash))
return false;
dec.assign((const _Elem*)buf.begin(), (const _Elem*)buf.end());
return ERROR_SUCCESS;
return true;
}
@ -315,20 +312,18 @@ namespace eap
/// \param[out] hHash Handle of hashing object
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Traits, class _Ax>
DWORD decrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &dec, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
bool decrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &dec, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
{
DWORD dwResult;
winstd::sanitizing_string buf;
if ((dwResult = decrypt(hProv, data, size, buf, ppEapError, hHash)) != ERROR_SUCCESS)
return dwResult;
if (!decrypt(hProv, data, size, buf, ppEapError, hHash))
return false;
MultiByteToWideChar(CP_UTF8, 0, buf.data(), (int)buf.size(), dec);
return ERROR_SUCCESS;
return true;
}
@ -342,44 +337,42 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Ty, class _Ax>
DWORD decrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<_Ty, _Ax> &dec, _Out_ EAP_ERROR **ppEapError) const
bool decrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<_Ty, _Ax> &dec, _Out_ EAP_ERROR **ppEapError) const
{
DWORD dwResult;
// Create hash.
crypt_hash hash;
if (!hash.create(hProv, CALG_MD5)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Creating MD5 hash failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Creating MD5 hash failed."), NULL);
return false;
}
DWORD dwHashSize, dwHashSizeSize = sizeof(dwHashSize);
CryptGetHashParam(hash, HP_HASHSIZE, (LPBYTE)&dwHashSize, &dwHashSizeSize, 0);
if (size < dwHashSize) {
*ppEapError = make_error(dwResult = ERROR_INVALID_DATA, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Encrypted data too short."), NULL);
return dwResult;
*ppEapError = make_error(ERROR_INVALID_DATA, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Encrypted data too short."), NULL);
return false;
}
size_t enc_size = size - dwHashSize;
// Decrypt data.
if ((dwResult = decrypt(hProv, data, enc_size, dec, ppEapError, hash)) != ERROR_SUCCESS)
return dwResult;
if (!decrypt(hProv, data, enc_size, dec, ppEapError, hash))
return false;
// Calculate MD5 hash and verify it.
vector<unsigned char> hash_bin;
if (!CryptGetHashParam(hash, HP_HASHVAL, hash_bin, 0)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Calculating MD5 hash failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Calculating MD5 hash failed."), NULL);
return false;
}
if (memcmp((unsigned char*)data + enc_size, hash_bin.data(), dwHashSize) != 0) {
*ppEapError = make_error(dwResult = ERROR_INVALID_DATA, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Invalid encrypted data."), NULL);
return dwResult;
*ppEapError = make_error(ERROR_INVALID_DATA, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Invalid encrypted data."), NULL);
return false;
}
return ERROR_SUCCESS;
return true;
}
@ -393,20 +386,18 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Elem, class _Traits, class _Ax>
DWORD decrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::basic_string<_Elem, _Traits, _Ax> &dec, _Out_ EAP_ERROR **ppEapError) const
bool decrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::basic_string<_Elem, _Traits, _Ax> &dec, _Out_ EAP_ERROR **ppEapError) const
{
DWORD dwResult;
std::vector<_Elem, sanitizing_allocator<_Elem> > buf;
if ((dwResult = decrypt_md5(hProv, data, size, buf, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!decrypt_md5(hProv, data, size, buf, ppEapError))
return false;
dec.assign(buf.data(), buf.size());
return ERROR_SUCCESS;
return true;
}
@ -420,20 +411,18 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class _Traits, class _Ax>
DWORD decrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &dec, _Out_ EAP_ERROR **ppEapError) const
bool decrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::basic_string<wchar_t, _Traits, _Ax> &dec, _Out_ EAP_ERROR **ppEapError) const
{
DWORD dwResult;
winstd::sanitizing_string buf;
if ((dwResult = decrypt_md5(hProv, data, size, buf, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!decrypt_md5(hProv, data, size, buf, ppEapError))
return false;
MultiByteToWideChar(CP_UTF8, 0, buf.data(), (int)buf.size(), dec);
return ERROR_SUCCESS;
return true;
}
/// @}
@ -494,21 +483,33 @@ namespace eap
///
/// \sa [EapPeerGetInfo function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363613.aspx)
///
virtual DWORD initialize(_Out_ EAP_ERROR **ppEapError) = 0;
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool initialize(_Out_ EAP_ERROR **ppEapError) = 0;
///
/// Shuts down the EAP method and prepares to unload its corresponding DLL.
///
/// \sa [EapPeerShutdown function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363627.aspx)
///
virtual DWORD shutdown(_Out_ EAP_ERROR **ppEapError) = 0;
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool shutdown(_Out_ EAP_ERROR **ppEapError) = 0;
///
/// Returns the user data and user identity after being called by EAPHost.
///
/// \sa [EapPeerGetIdentity function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363607.aspx)
///
virtual DWORD get_identity(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
@ -526,7 +527,11 @@ namespace eap
///
/// \sa [EapPeerGetMethodProperties function](https://msdn.microsoft.com/en-us/library/windows/desktop/hh706636.aspx)
///
virtual DWORD get_method_properties(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
@ -542,7 +547,11 @@ namespace eap
///
/// \sa [EapPeerQueryCredentialInputFields function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363622.aspx)
///
virtual DWORD query_credential_input_fields(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool query_credential_input_fields(
_In_ HANDLE hUserImpersonationToken,
_In_ DWORD dwFlags,
_In_ DWORD dwEapConnDataSize,
@ -557,9 +566,8 @@ namespace eap
UNREFERENCED_PARAMETER(pEapConfigInputFieldsArray);
UNREFERENCED_PARAMETER(ppEapError);
DWORD dwResult = ERROR_NOT_SUPPORTED;
ETW_FN_DWORD(dwResult);
return dwResult;
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
///
@ -567,7 +575,11 @@ namespace eap
///
/// \sa [EapPeerQueryUserBlobFromCredentialInputFields function](https://msdn.microsoft.com/en-us/library/windows/desktop/bb204697.aspx)
///
virtual DWORD query_user_blob_from_credential_input_fields(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool query_user_blob_from_credential_input_fields(
_In_ HANDLE hUserImpersonationToken,
_In_ DWORD dwFlags,
_In_ DWORD dwEapConnDataSize,
@ -586,9 +598,8 @@ namespace eap
UNREFERENCED_PARAMETER(ppUserBlob);
UNREFERENCED_PARAMETER(ppEapError);
DWORD dwResult = ERROR_NOT_SUPPORTED;
ETW_FN_DWORD(dwResult);
return dwResult;
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
///
@ -596,7 +607,11 @@ namespace eap
///
/// \sa [EapPeerQueryInteractiveUIInputFields function](https://msdn.microsoft.com/en-us/library/windows/desktop/bb204695.aspx)
///
virtual DWORD query_interactive_ui_input_fields(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool query_interactive_ui_input_fields(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ DWORD dwUIContextDataSize,
@ -613,9 +628,8 @@ namespace eap
UNREFERENCED_PARAMETER(ppEapError);
UNREFERENCED_PARAMETER(pvReserved);
DWORD dwResult = ERROR_NOT_SUPPORTED;
ETW_FN_DWORD(dwResult);
return dwResult;
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
///
@ -623,7 +637,11 @@ namespace eap
///
/// \sa [EapPeerQueryUIBlobFromInteractiveUIInputFields function](https://msdn.microsoft.com/en-us/library/windows/desktop/bb204696.aspx)
///
virtual DWORD query_ui_blob_from_interactive_ui_input_fields(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool query_ui_blob_from_interactive_ui_input_fields(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ DWORD dwUIContextDataSize,
@ -644,9 +662,8 @@ namespace eap
UNREFERENCED_PARAMETER(ppEapError);
UNREFERENCED_PARAMETER(ppvReserved);
DWORD dwResult = ERROR_NOT_SUPPORTED;
ETW_FN_DWORD(dwResult);
return dwResult;
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
};
}

94
lib/EAPBase/include/Session.h
View File

@ -28,6 +28,8 @@ namespace eap
#pragma once
#include "Module.h"
#include <Windows.h>
#include <eaptypes.h> // Must include after <Windows.h>
extern "C" {
@ -44,12 +46,41 @@ namespace eap
///
/// Constructs a session
///
session();
/// \param[in] mod Reference of the EAP module to use for global services
///
session(_In_ module &mod);
///
/// Destructs the session
/// Copies session
///
virtual ~session();
/// \param[in] other Session to copy from
///
session(_In_ const session &other);
///
/// Moves session
///
/// \param[in] other Session to move from
///
session(_Inout_ session &&other);
///
/// Copies session
///
/// \param[in] other Session to copy from
///
/// \returns Reference to this object
///
session& operator=(_In_ const session &other);
///
/// Moves session
///
/// \param[in] other Session to move from
///
/// \returns Reference to this object
///
session& operator=(_Inout_ session &&other);
/// \name Session start/end
/// @{
@ -59,7 +90,11 @@ namespace eap
///
/// \sa [EapPeerBeginSession function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363600.aspx)
///
virtual DWORD begin(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool begin(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
@ -75,7 +110,11 @@ namespace eap
///
/// \sa [EapPeerEndSession function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363604.aspx)
///
virtual DWORD end(_Out_ EAP_ERROR **ppEapError);
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool end(_Out_ EAP_ERROR **ppEapError);
/// @}
@ -87,7 +126,11 @@ namespace eap
///
/// \sa [EapPeerProcessRequestPacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363621.aspx)
///
virtual DWORD process_request_packet(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool process_request_packet(
_In_ DWORD dwReceivedPacketSize,
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_Out_ EapPeerMethodOutput *pEapOutput,
@ -98,7 +141,11 @@ namespace eap
///
/// \sa [EapPeerGetResponsePacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363610.aspx)
///
virtual DWORD get_response_packet(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_response_packet(
_Inout_ DWORD *pdwSendPacketSize,
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Out_ EAP_ERROR **ppEapError);
@ -108,7 +155,11 @@ namespace eap
///
/// \sa [EapPeerGetResult function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363611.aspx)
///
virtual DWORD get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError);
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError);
/// @}
@ -122,7 +173,11 @@ namespace eap
///
/// \sa [EapPeerGetUIContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363612.aspx)
///
virtual DWORD get_ui_context(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_ui_context(
_Out_ DWORD *pdwUIContextDataSize,
_Out_ BYTE **ppUIContextData,
_Out_ EAP_ERROR **ppEapError);
@ -134,7 +189,11 @@ namespace eap
///
/// \sa [EapPeerSetUIContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363626.aspx)
///
virtual DWORD set_ui_context(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool set_ui_context(
_In_ DWORD dwUIContextDataSize,
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_In_ const EapPeerMethodOutput *pEapOutput,
@ -150,15 +209,26 @@ namespace eap
///
/// \sa [EapPeerGetResponseAttributes function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363609.aspx)
///
virtual DWORD get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError);
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError);
///
/// Provides an updated array of EAP response attributes to the EAP method.
///
/// \sa [EapPeerSetResponseAttributes function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363625.aspx)
///
virtual DWORD set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError);
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError);
/// @}
public:
module &m_module; ///< Reference of the EAP module
};
}

5
lib/EAPBase/src/Config.cpp
View File

@ -46,11 +46,6 @@ eap::config::config(_Inout_ config &&other) :
}
eap::config::~config()
{
}
eap::config& eap::config::operator=(_In_ const config &other)
{
UNREFERENCED_PARAMETER(other);

73
lib/EAPBase/src/Credentials.cpp
View File

@ -83,7 +83,7 @@ bool eap::credentials::empty() const
}
DWORD eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
@ -91,24 +91,24 @@ DWORD eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConf
// <UserName>
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"UserName"), bstrNamespace, bstr(m_identity))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <UserName> element."), NULL);
return dwResult;
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(pConfigRoot);
DWORD dwResult;
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:UserName"), m_identity)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error reading <UserName> element."), NULL);
return dwResult;
return false;
}
return ERROR_SUCCESS;
return true;
}
@ -170,13 +170,13 @@ bool eap::credentials_pass::empty() const
}
DWORD eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
if ((dwResult = credentials::save(pDoc, pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials::save(pDoc, pConfigRoot, ppEapError))
return false;
// <Password>
bstr pass(m_password);
@ -184,51 +184,50 @@ DWORD eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
if (dwResult != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <Password> element."), NULL);
return dwResult;
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(pConfigRoot);
DWORD dwResult;
if ((dwResult = credentials::load(pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials::load(pConfigRoot, ppEapError))
return false;
bstr pass;
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:Password"), &pass)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error reading <Password> element."), NULL);
return dwResult;
return false;
}
m_password = pass;
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
{
assert(pszTargetName);
assert(ppEapError);
DWORD dwResult;
string password_enc;
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return false;
}
// Encrypt password.
vector<unsigned char> password;
if ((dwResult = m_module.encrypt_md5(cp, m_password, password, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!m_module.encrypt_md5(cp, m_password, password, ppEapError))
return false;
// Convert encrypted password to Base64, since CredProtectA() fail for binary strings.
string password_base64;
@ -238,8 +237,8 @@ DWORD eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR *
// Encrypt the password using user's key.
CRED_PROTECTION_TYPE cpt;
if (!CredProtectA(TRUE, password_base64.c_str(), (DWORD)password_base64.length(), password_enc, &cpt)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredProtect failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredProtect failed."), NULL);
return false;
}
tstring target(target_name(pszTargetName));
@ -262,24 +261,23 @@ DWORD eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR *
(LPTSTR)m_identity.c_str() // UserName
};
if (!CredWrite(&cred, 0)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredWrite failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredWrite failed."), NULL);
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
{
assert(pszTargetName);
DWORD dwResult;
// Read credentials.
unique_ptr<CREDENTIAL, CredFree_delete<CREDENTIAL> > cred;
if (!CredRead(target_name(pszTargetName).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredRead failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredRead failed."), NULL);
return false;
}
m_identity = cred->UserName;
@ -287,8 +285,8 @@ DWORD eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERRO
// Decrypt the password using user's key.
string password_base64;
if (!CredUnprotectA(TRUE, (LPCSTR)(cred->CredentialBlob), cred->CredentialBlobSize, password_base64)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredUnprotect failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredUnprotect failed."), NULL);
return false;
}
// Convert Base64 to binary encrypted password, since CredProtectA() fail for binary strings.
@ -300,13 +298,10 @@ DWORD eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERRO
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return false;
}
// Decrypt password.
if ((dwResult = m_module.decrypt_md5(cp, password.data(), password.size(), m_password, ppEapError)) != ERROR_SUCCESS)
return dwResult;
return ERROR_SUCCESS;
return m_module.decrypt_md5(cp, password.data(), password.size(), m_password, ppEapError);
}

41
lib/EAPBase/src/Module.cpp
View File

@ -123,10 +123,9 @@ void eap::module::free_error_memory(_In_ EAP_ERROR *err)
}
DWORD eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash) const
bool eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash) const
{
assert(ppEapError);
DWORD dwResult;
// Import the public key.
HRSRC res = FindResource(m_instance, MAKEINTRESOURCE(IDR_EAP_KEY_PUBLIC), RT_RCDATA);
@ -137,13 +136,13 @@ DWORD eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const voi
unique_ptr<CERT_PUBLIC_KEY_INFO, LocalFree_delete<CERT_PUBLIC_KEY_INFO> > keyinfo_data;
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, (const BYTE*)::LockResource(res_handle), ::SizeofResource(m_instance, res), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."), NULL);
return false;
}
if (!key.import_public(hProv, X509_ASN_ENCODING, keyinfo_data.get())) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Public key import failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Public key import failed."), NULL);
return false;
}
// Pre-allocate memory to allow space, as encryption will grow the data.
@ -155,39 +154,37 @@ DWORD eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const voi
// Encrypt the data using our public key.
if (!CryptEncrypt(key, hHash, TRUE, 0, buf)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Encrypting data failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Encrypting data failed."), NULL);
return false;
}
// Copy encrypted data.
enc.assign(buf.begin(), buf.end());
return ERROR_SUCCESS;
return true;
}
DWORD eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const
bool eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError) const
{
DWORD dwResult;
// Create hash.
crypt_hash hash;
if (!hash.create(hProv, CALG_MD5)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Creating MD5 hash failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Creating MD5 hash failed."), NULL);
return false;
}
// Encrypt data.
if ((dwResult = encrypt(hProv, data, size, enc, ppEapError, hash)) != ERROR_SUCCESS)
return dwResult;
if (!encrypt(hProv, data, size, enc, ppEapError, hash))
return false;
// Calculate MD5 hash and append it.
// Calculate MD5 hash.
vector<unsigned char> hash_bin;
if (!CryptGetHashParam(hash, HP_HASHVAL, hash_bin, 0)) {
*ppEapError = make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Calculating MD5 hash failed."), NULL);
return dwResult;
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Calculating MD5 hash failed."), NULL);
return false;
}
enc.insert(enc.end(), hash_bin.begin(), hash_bin.end());
return ERROR_SUCCESS;
// Append hash.
enc.insert(enc.end(), hash_bin.begin(), hash_bin.end());
return true;
}

85
lib/EAPBase/src/Session.cpp
View File

@ -28,17 +28,41 @@ using namespace winstd;
// eap::session
//////////////////////////////////////////////////////////////////////
eap::session::session()
eap::session::session(_In_ module &mod) :
m_module(mod)
{
}
eap::session::~session()
eap::session::session(_In_ const session &other) :
m_module(other.m_module)
{
}
DWORD eap::session::begin(
eap::session::session(_Inout_ session &&other) :
m_module(other.m_module)
{
}
eap::session& eap::session::operator=(_In_ const session &other)
{
UNREFERENCED_PARAMETER(other);
assert(&m_module == &other.m_module); // Copy session within same module only!
return *this;
}
eap::session& eap::session::operator=(_Inout_ session &&other)
{
UNREFERENCED_PARAMETER(other);
assert(&m_module == &other.m_module); // Move session within same module only!
return *this;
}
bool eap::session::begin(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
@ -59,19 +83,19 @@ DWORD eap::session::begin(
UNREFERENCED_PARAMETER(dwMaxSendPacketSize);
UNREFERENCED_PARAMETER(ppEapError);
return ERROR_SUCCESS;
return true;
}
DWORD eap::session::end(_Out_ EAP_ERROR **ppEapError)
bool eap::session::end(_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(ppEapError);
return ERROR_SUCCESS;
return true;
}
DWORD eap::session::process_request_packet(
bool eap::session::process_request_packet(
_In_ DWORD dwReceivedPacketSize,
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_Out_ EapPeerMethodOutput *pEapOutput,
@ -80,49 +104,53 @@ DWORD eap::session::process_request_packet(
UNREFERENCED_PARAMETER(dwReceivedPacketSize);
UNREFERENCED_PARAMETER(pReceivedPacket);
UNREFERENCED_PARAMETER(pEapOutput);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::get_response_packet(
bool eap::session::get_response_packet(
_Inout_ DWORD *pdwSendPacketSize,
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwSendPacketSize);
UNREFERENCED_PARAMETER(pSendPacket);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
bool eap::session::get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(reason);
UNREFERENCED_PARAMETER(ppResult);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::get_ui_context(
bool eap::session::get_ui_context(
_Out_ DWORD *pdwUIContextDataSize,
_Out_ BYTE **ppUIContextData,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwUIContextDataSize);
UNREFERENCED_PARAMETER(ppUIContextData);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::set_ui_context(
bool eap::session::set_ui_context(
_In_ DWORD dwUIContextDataSize,
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_In_ const EapPeerMethodOutput *pEapOutput,
@ -131,26 +159,29 @@ DWORD eap::session::set_ui_context(
UNREFERENCED_PARAMETER(dwUIContextDataSize);
UNREFERENCED_PARAMETER(pUIContextData);
UNREFERENCED_PARAMETER(pEapOutput);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
bool eap::session::get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::session::set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
bool eap::session::set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(pEapOutput);
UNREFERENCED_PARAMETER(ppEapError);
assert(ppEapError);
return ERROR_NOT_SUPPORTED;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}

19
lib/EAPBase_UI/include/EAP_UI.h
View File

@ -353,16 +353,14 @@ protected:
if (!m_target.empty()) {
// Read credentials from Credential Manager
EAP_ERROR *pEapError;
DWORD dwResult;
if ((dwResult = m_cred.retrieve(m_target.c_str(), &pEapError)) == ERROR_SUCCESS) {
if (m_cred.retrieve(m_target.c_str(), &pEapError)) {
m_remember->SetValue(true);
} else if (dwResult != ERROR_NOT_FOUND) {
if (pEapError) {
} else if (pEapError) {
if (pEapError->dwWinError != ERROR_NOT_FOUND)
wxLogError(winstd::tstring_printf(_("Error reading credentials from Credential Manager: %ls (error %u)"), pEapError->pRootCauseString, pEapError->dwWinError).c_str());
m_cred.m_module.free_error_memory(pEapError);
} else
wxLogError(_("Reading credentials failed (error %u)."), dwResult);
}
m_cred.m_module.free_error_memory(pEapError);
} else
wxLogError(_("Reading credentials failed."));
}
return true;
@ -375,13 +373,12 @@ protected:
// Write credentials to credential manager.
if (m_remember->GetValue()) {
EAP_ERROR *pEapError;
DWORD dwResult;
if ((dwResult = m_cred.store(m_target.c_str(), &pEapError)) != ERROR_SUCCESS) {
if (!m_cred.store(m_target.c_str(), &pEapError)) {
if (pEapError) {
wxLogError(winstd::tstring_printf(_("Error writing credentials to Credential Manager: %ls (error %u)"), pEapError->pRootCauseString, pEapError->dwWinError).c_str());
m_cred.m_module.free_error_memory(pEapError);
} else
wxLogError(_("Writing credentials failed (error %u)."), dwResult);
wxLogError(_("Writing credentials failed."));
}
}
}

18
lib/EAPBase_UI/include/Module.h
View File

@ -54,10 +54,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD invoke_config_ui(
virtual bool invoke_config_ui(
_In_ HWND hwndParent,
_Inout_ config_type &cfg,
_Out_ EAP_ERROR **ppEapError) = 0;
@ -75,10 +75,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD invoke_identity_ui(
virtual bool invoke_identity_ui(
_In_ HWND hwndParent,
_In_ DWORD dwFlags,
_Inout_ config_type &cfg,
@ -97,10 +97,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD invoke_interactive_ui(
virtual bool invoke_interactive_ui(
_In_ HWND hwndParent,
_In_ const interactive_request_type &req,
_Out_ interactive_response_type &res,

12
lib/TLS/include/Config.h
View File

@ -132,10 +132,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
///
/// Load configuration from XML document
@ -144,10 +144,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
/// @}

24
lib/TLS/include/Credentials.h
View File

@ -136,10 +136,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
///
/// Load credentials from XML document
@ -148,10 +148,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
/// @}
@ -165,10 +165,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const;
virtual bool store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const;
///
/// Retrieve credentials from Windows Credential Manager
@ -177,10 +177,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError);
virtual bool retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError);
///
/// Return target suffix for Windows Credential Manager credential name

28
lib/TLS/src/Config.cpp
View File

@ -79,17 +79,20 @@ eap::config* eap::config_tls::clone() const
}
DWORD eap::config_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
bool eap::config_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
if (!config_method<credentials_tls>::save(pDoc, pConfigRoot, ppEapError))
return false;
// <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ServerSideCredential> element."), NULL);
return dwResult;
return false;
}
for (list<cert_context>::const_iterator i = m_trusted_root_ca.begin(), i_end = m_trusted_root_ca.end(); i != i_end; ++i) {
@ -97,25 +100,25 @@ DWORD eap::config_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfi
com_obj<IXMLDOMElement> pXmlElCA;
if ((dwResult = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <CA> element."), NULL);
return dwResult;
return false;
}
// <CA>/<format>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM"))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <format> element."), NULL);
return dwResult;
return false;
}
// <CA>/<cert-data>
const cert_context &cc = *i;
if ((dwResult = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <cert-data> element."), NULL);
return dwResult;
return false;
}
if (FAILED(hr = pXmlElServerSideCredential->appendChild(pXmlElCA, NULL))) {
*ppEapError = m_module.make_error(dwResult = HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <CA> element."), NULL);
return dwResult;
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <CA> element."), NULL);
return false;
}
}
@ -125,16 +128,19 @@ DWORD eap::config_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfi
MultiByteToWideChar(CP_UTF8, 0, i->c_str(), (int)i->length(), str);
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(str))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ServerName> element."), NULL);
return dwResult;
return false;
}
}
return config_method<credentials_tls>::save(pDoc, pConfigRoot, ppEapError);
return true;
}
DWORD eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
bool eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
if (!config_method<credentials_tls>::load(pConfigRoot, ppEapError))
return false;
m_trusted_root_ca.clear();
m_server_names.clear();
@ -180,7 +186,7 @@ DWORD eap::config_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppE
}
}
return config_method<credentials_tls>::load(pConfigRoot, ppEapError);
return true;
}

38
lib/TLS/src/Credentials.cpp
View File

@ -88,47 +88,46 @@ bool eap::credentials_tls::empty() const
}
DWORD eap::credentials_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
if ((dwResult = credentials::save(pDoc, pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials::save(pDoc, pConfigRoot, ppEapError))
return false;
// <CertHash>
if ((dwResult = eapxml::put_element_hex(pDoc, pConfigRoot, bstr(L"CertHash"), bstrNamespace, m_cert_hash.data(), m_cert_hash.size())) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <CertHash> element."), NULL);
return dwResult;
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(pConfigRoot);
DWORD dwResult;
if ((dwResult = credentials::load(pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials::load(pConfigRoot, ppEapError))
return false;
// <CertHash>
if ((dwResult = eapxml::get_element_hex(pConfigRoot, bstr(L"eap-metadata:CertHash"), m_cert_hash)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error reading <CertHash> element."), NULL);
return dwResult;
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_tls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials_tls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
{
assert(pszTargetName);
assert(ppEapError);
DWORD dwResult;
tstring target(target_name(pszTargetName));
@ -150,24 +149,23 @@ DWORD eap::credentials_tls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **
(LPTSTR)m_identity.c_str() // UserName
};
if (!CredWrite(&cred, 0)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredWrite failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredWrite failed."), NULL);
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_tls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials_tls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
{
assert(pszTargetName && _tcslen(pszTargetName) < CRED_MAX_GENERIC_TARGET_NAME_LENGTH);
DWORD dwResult;
// Read credentials.
unique_ptr<CREDENTIAL, CredFree_delete<CREDENTIAL> > cred;
if (!CredRead(target_name(pszTargetName).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred)) {
*ppEapError = m_module.make_error(dwResult = GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredRead failed."), NULL);
return dwResult;
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredRead failed."), NULL);
return false;
}
if (cred->UserName)
@ -177,5 +175,5 @@ DWORD eap::credentials_tls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR
m_cert_hash.assign(cred->CredentialBlob, cred->CredentialBlob + cred->CredentialBlobSize);
return ERROR_SUCCESS;
return true;
}

12
lib/TTLS/include/Config.h
View File

@ -131,10 +131,10 @@ namespace eap {
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
///
/// Load configuration from XML document
@ -143,10 +143,10 @@ namespace eap {
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
/// @}

24
lib/TTLS/include/Credentials.h
View File

@ -132,10 +132,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
virtual bool save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
///
/// Load credentials from XML document
@ -144,10 +144,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
virtual bool load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError);
/// @}
@ -161,10 +161,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const;
virtual bool store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const;
///
/// Retrieve credentials from Windows Credential Manager
@ -173,10 +173,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError);
virtual bool retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError);
/// @}

24
lib/TTLS/include/Module.h
View File

@ -48,21 +48,33 @@ namespace eap
///
/// \sa [EapPeerGetInfo function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363613.aspx)
///
virtual DWORD initialize(_Out_ EAP_ERROR **ppEapError);
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool initialize(_Out_ EAP_ERROR **ppEapError);
///
/// Shuts down the EAP method and prepares to unload its corresponding DLL.
///
/// \sa [EapPeerShutdown function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363627.aspx)
///
virtual DWORD shutdown(_Out_ EAP_ERROR **ppEapError);
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool shutdown(_Out_ EAP_ERROR **ppEapError);
///
/// Returns the user data and user identity after being called by EAPHost.
///
/// \sa [EapPeerGetIdentity function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363607.aspx)
///
virtual DWORD get_identity(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
@ -80,7 +92,11 @@ namespace eap
///
/// \sa [EapPeerGetMethodProperties function](https://msdn.microsoft.com/en-us/library/windows/desktop/hh706636.aspx)
///
virtual DWORD get_method_properties(
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,

36
lib/TTLS/include/Session.h
View File

@ -39,6 +39,40 @@ namespace eap
///
/// Constructor
///
session_ttls();
/// \param[in] mod Reference of the EAP module to use for global services
///
session_ttls(_In_ module &mod);
///
/// Copies TTLS session
///
/// \param[in] other Session to copy from
///
session_ttls(_In_ const session_ttls &other);
///
/// Moves TTLS session
///
/// \param[in] other Session to move from
///
session_ttls(_Inout_ session_ttls &&other);
///
/// Copies TTLS session
///
/// \param[in] other Session to copy from
///
/// \returns Reference to this object
///
session_ttls& operator=(_In_ const session_ttls &other);
///
/// Moves TTLS session
///
/// \param[in] other Session to move from
///
/// \returns Reference to this object
///
session_ttls& operator=(_Inout_ session_ttls &&other);
};
}

40
lib/TTLS/src/Config.cpp
View File

@ -88,51 +88,53 @@ eap::config* eap::config_ttls::clone() const
}
DWORD eap::config_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
bool eap::config_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
if ((dwResult = config_tls::save(pDoc, pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!config_tls::save(pDoc, pConfigRoot, ppEapError))
return false;
// <InnerAuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."), NULL);
return dwResult;
return false;
}
if (dynamic_cast<const config_pap*>(m_inner)) {
// <InnerAuthenticationMethod>/<NonEAPAuthMethod>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"NonEAPAuthMethod"), bstrNamespace, bstr(L"PAP"))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <NonEAPAuthMethod> element."), NULL);
return dwResult;
return false;
}
// <InnerAuthenticationMethod>/...
if ((dwResult = m_inner->save(pDoc, pXmlElInnerAuthenticationMethod, ppEapError)) != ERROR_SUCCESS)
return dwResult;
} else
return dwResult = ERROR_NOT_SUPPORTED;
if (!m_inner->save(pDoc, pXmlElInnerAuthenticationMethod, ppEapError))
return false;
} else {
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Unsupported inner authentication method."), NULL);
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::config_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
bool eap::config_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(ppEapError);
DWORD dwResult;
if ((dwResult = config_tls::load(pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!config_tls::load(pConfigRoot, ppEapError))
return false;
// Load inner authentication configuration (<InnerAuthenticationMethod>).
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), NULL);
return dwResult;
return false;
}
// Determine inner authentication type (<EAPMethod> and <NonEAPAuthMethod>).
@ -150,14 +152,14 @@ DWORD eap::config_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **pp
// PAP
assert(!m_inner);
m_inner = new eap::config_pap(m_module);
if ((dwResult = m_inner->load(pXmlElInnerAuthenticationMethod, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!m_inner->load(pXmlElInnerAuthenticationMethod, ppEapError))
return false;
} else {
*ppEapError = m_module.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Unsupported inner authentication method."), NULL);
return dwResult;
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Unsupported inner authentication method."), NULL);
return false;
}
return ERROR_SUCCESS;
return true;
}

62
lib/TTLS/src/Credentials.cpp
View File

@ -95,86 +95,82 @@ bool eap::credentials_ttls::empty() const
}
DWORD eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
HRESULT hr;
if ((dwResult = credentials_tls::save(pDoc, pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials_tls::save(pDoc, pConfigRoot, ppEapError))
return false;
if (m_inner) {
// <InnerAuthenticationMethod>
winstd::com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."), NULL);
return dwResult;
return false;
}
if ((dwResult = m_inner->save(pDoc, pXmlElInnerAuthenticationMethod, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!m_inner->save(pDoc, pXmlElInnerAuthenticationMethod, ppEapError))
return false;
if (FAILED(hr = pConfigRoot->appendChild(pXmlElInnerAuthenticationMethod, NULL))) {
*ppEapError = m_module.make_error(dwResult = HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <InnerAuthenticationMethod> element."), NULL);
return dwResult;
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <InnerAuthenticationMethod> element."), NULL);
return false;
}
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{
assert(pConfigRoot);
DWORD dwResult;
if ((dwResult = credentials_tls::load(pConfigRoot, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials_tls::load(pConfigRoot, ppEapError))
return false;
if (m_inner) {
com_obj<IXMLDOMNode> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult = ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), NULL);
return dwResult;
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), NULL);
return false;
}
if ((dwResult = m_inner->load(pXmlElInnerAuthenticationMethod, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!m_inner->load(pXmlElInnerAuthenticationMethod, ppEapError))
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_ttls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
bool eap::credentials_ttls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError) const
{
DWORD dwResult;
if ((dwResult = credentials_tls::store(pszTargetName, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials_tls::store(pszTargetName, ppEapError))
return false;
if (m_inner) {
if ((dwResult = m_inner->store(pszTargetName, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!m_inner->store(pszTargetName, ppEapError))
return false;
}
return ERROR_SUCCESS;
return true;
}
DWORD eap::credentials_ttls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
bool eap::credentials_ttls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult;
if ((dwResult = credentials_tls::retrieve(pszTargetName, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!credentials_tls::retrieve(pszTargetName, ppEapError))
return false;
if (m_inner) {
if ((dwResult = m_inner->retrieve(pszTargetName, ppEapError)) != ERROR_SUCCESS)
return dwResult;
if (!m_inner->retrieve(pszTargetName, ppEapError))
return false;
}
return ERROR_SUCCESS;
return true;
}

22
lib/TTLS/src/Module.cpp
View File

@ -33,7 +33,7 @@ eap::peer_ttls::peer_ttls() : peer(type_ttls)
}
DWORD eap::peer_ttls::initialize(_Out_ EAP_ERROR **ppEapError)
bool eap::peer_ttls::initialize(_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(ppEapError);
@ -47,18 +47,18 @@ DWORD eap::peer_ttls::initialize(_Out_ EAP_ERROR **ppEapError)
MsiUseFeature(_T(PRODUCT_VERSION_GUID), _T("featEAPTTLS"));
#endif
return ERROR_SUCCESS;
return true;
}
DWORD eap::peer_ttls::shutdown(_Out_ EAP_ERROR **ppEapError)
bool eap::peer_ttls::shutdown(_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(ppEapError);
return ERROR_SUCCESS;
return true;
}
DWORD eap::peer_ttls::get_identity(
bool eap::peer_ttls::get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
@ -83,13 +83,12 @@ DWORD eap::peer_ttls::get_identity(
UNREFERENCED_PARAMETER(ppwszIdentity);
UNREFERENCED_PARAMETER(ppEapError);
DWORD dwResult = ERROR_NOT_SUPPORTED;
ETW_FN_DWORD(dwResult);
return dwResult;
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
DWORD eap::peer_ttls::get_method_properties(
bool eap::peer_ttls::get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
@ -110,7 +109,6 @@ DWORD eap::peer_ttls::get_method_properties(
UNREFERENCED_PARAMETER(pMethodPropertyArray);
UNREFERENCED_PARAMETER(ppEapError);
DWORD dwResult = ERROR_NOT_SUPPORTED;
ETW_FN_DWORD(dwResult);
return dwResult;
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}

32
lib/TTLS/src/Session.cpp
View File

@ -28,6 +28,36 @@ using namespace winstd;
// eap::session_ttls
//////////////////////////////////////////////////////////////////////
eap::session_ttls::session_ttls() : session()
eap::session_ttls::session_ttls(_In_ module &mod) : session(mod)
{
}
eap::session_ttls::session_ttls(_In_ const session_ttls &other) :
session(other)
{
}
eap::session_ttls::session_ttls(_Inout_ session_ttls &&other) :
session(std::move(other))
{
}
eap::session_ttls& eap::session_ttls::operator=(_In_ const session_ttls &other)
{
if (this != &other)
(session&)*this = other;
return *this;
}
eap::session_ttls& eap::session_ttls::operator=(_Inout_ session_ttls &&other)
{
if (this != &other)
(session&)*this = std::move(other);
return *this;
}

18
lib/TTLS_UI/include/Module.h
View File

@ -53,10 +53,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD invoke_config_ui(
virtual bool invoke_config_ui(
_In_ HWND hwndParent,
_Inout_ config_type &cfg,
_Out_ EAP_ERROR **ppEapError);
@ -74,10 +74,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD invoke_identity_ui(
virtual bool invoke_identity_ui(
_In_ HWND hwndParent,
_In_ DWORD dwFlags,
_Inout_ config_type &cfg,
@ -96,10 +96,10 @@ namespace eap
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual DWORD invoke_interactive_ui(
virtual bool invoke_interactive_ui(
_In_ HWND hwndParent,
_In_ const interactive_request_type &req,
_Out_ interactive_response_type &res,

17
lib/TTLS_UI/src/Module.cpp
View File

@ -30,7 +30,7 @@ eap::peer_ttls_ui::peer_ttls_ui() : peer_ui<eap::config_ttls, eap::credentials_t
}
DWORD eap::peer_ttls_ui::invoke_config_ui(
bool eap::peer_ttls_ui::invoke_config_ui(
_In_ HWND hwndParent,
_Inout_ config_type &cfg,
_Out_ EAP_ERROR **ppEapError)
@ -59,11 +59,16 @@ DWORD eap::peer_ttls_ui::invoke_config_ui(
// Clean-up and return.
wxEntryCleanup();
return result == wxID_OK ? ERROR_SUCCESS : ERROR_CANCELLED;
if (result != wxID_OK) {
*ppEapError = make_error(ERROR_CANCELLED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Cancelled."), NULL);
return false;
}
return true;
}
DWORD eap::peer_ttls_ui::invoke_identity_ui(
bool eap::peer_ttls_ui::invoke_identity_ui(
_In_ HWND hwndParent,
_In_ DWORD dwFlags,
_Inout_ config_type &cfg,
@ -80,11 +85,11 @@ DWORD eap::peer_ttls_ui::invoke_identity_ui(
InitCommonControls();
MessageBox(hwndParent, _T(PRODUCT_NAME_STR) _T(" credential prompt goes here!"), _T(PRODUCT_NAME_STR) _T(" Credentials"), MB_OK);
return ERROR_SUCCESS;
return true;
}
DWORD eap::peer_ttls_ui::invoke_interactive_ui(
bool eap::peer_ttls_ui::invoke_interactive_ui(
_In_ HWND hwndParent,
_In_ const interactive_request_type &req,
_Out_ interactive_response_type &res,
@ -97,5 +102,5 @@ DWORD eap::peer_ttls_ui::invoke_interactive_ui(
InitCommonControls();
MessageBox(hwndParent, _T(PRODUCT_NAME_STR) _T(" interactive UI goes here!"), _T(PRODUCT_NAME_STR) _T(" Prompt"), MB_OK);
return ERROR_SUCCESS;
return true;
}