Amebis/GEANTLink
Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Server names can be Unicode now

Browse Source
This commit is contained in:
Simon Rozman 2016-08-23 14:42:11 +02:00
parent 59768e8097
commit f39cb94ee5
7 changed files with 3255 additions and 3262 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

352
lib/TLS/include/Config.h
View File

@ -1,176 +1,176 @@
/* /*
Copyright 2015-2016 Amebis Copyright 2015-2016 Amebis
Copyright 2016 GÉANT Copyright 2016 GÉANT
This file is part of GÉANTLink. This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>. along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include <WinStd/Common.h> #include <WinStd/Common.h>
#include <Windows.h> #include <Windows.h>
#include <WinCrypt.h> // Must include after <Windows.h> #include <WinCrypt.h> // Must include after <Windows.h>
#include <sal.h> #include <sal.h>
namespace eap namespace eap
{ {
/// ///
/// TLS configuration /// TLS configuration
/// ///
class config_method_tls; class config_method_tls;
/// ///
/// Helper function to compile human-readable certificate name for UI display /// Helper function to compile human-readable certificate name for UI display
/// ///
winstd::tstring get_cert_title(PCCERT_CONTEXT cert); winstd::tstring get_cert_title(PCCERT_CONTEXT cert);
} }
#pragma once #pragma once
#include "Credentials.h" #include "Credentials.h"
#include "Method.h" #include "Method.h"
#include "TLS.h" #include "TLS.h"
#include "../../EAPBase/include/Config.h" #include "../../EAPBase/include/Config.h"
#include <WinStd/Crypt.h> #include <WinStd/Crypt.h>
#include <Windows.h> #include <Windows.h>
#include <list> #include <list>
#include <string> #include <string>
namespace eap namespace eap
{ {
class config_method_tls : public config_method_with_cred class config_method_tls : public config_method_with_cred
{ {
public: public:
/// ///
/// Constructs configuration /// Constructs configuration
/// ///
/// \param[in] mod EAP module to use for global services /// \param[in] mod EAP module to use for global services
/// ///
config_method_tls(_In_ module &mod); config_method_tls(_In_ module &mod);
/// ///
/// Copies configuration /// Copies configuration
/// ///
/// \param[in] other Configuration to copy from /// \param[in] other Configuration to copy from
/// ///
config_method_tls(_In_ const config_method_tls &other); config_method_tls(_In_ const config_method_tls &other);
/// ///
/// Moves configuration /// Moves configuration
/// ///
/// \param[in] other Configuration to move from /// \param[in] other Configuration to move from
/// ///
config_method_tls(_Inout_ config_method_tls &&other); config_method_tls(_Inout_ config_method_tls &&other);
/// ///
/// Copies configuration /// Copies configuration
/// ///
/// \param[in] other Configuration to copy from /// \param[in] other Configuration to copy from
/// ///
/// \returns Reference to this object /// \returns Reference to this object
/// ///
config_method_tls& operator=(_In_ const config_method_tls &other); config_method_tls& operator=(_In_ const config_method_tls &other);
/// ///
/// Moves configuration /// Moves configuration
/// ///
/// \param[in] other Configuration to move from /// \param[in] other Configuration to move from
/// ///
/// \returns Reference to this object /// \returns Reference to this object
/// ///
config_method_tls& operator=(_Inout_ config_method_tls &&other); config_method_tls& operator=(_Inout_ config_method_tls &&other);
/// ///
/// Clones configuration /// Clones configuration
/// ///
/// \returns Pointer to cloned configuration /// \returns Pointer to cloned configuration
/// ///
virtual config* clone() const; virtual config* clone() const;
/// \name XML configuration management /// \name XML configuration management
/// @{ /// @{
/// ///
/// Save to XML document /// Save to XML document
/// ///
/// \param[in] pDoc XML document /// \param[in] pDoc XML document
/// \param[in] pConfigRoot Suggested root element for saving /// \param[in] pConfigRoot Suggested root element for saving
/// ///
virtual void save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const; virtual void save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const;
/// ///
/// Load from XML document /// Load from XML document
/// ///
/// \param[in] pConfigRoot Root element for loading /// \param[in] pConfigRoot Root element for loading
/// ///
virtual void load(_In_ IXMLDOMNode *pConfigRoot); virtual void load(_In_ IXMLDOMNode *pConfigRoot);
/// @} /// @}
/// \name BLOB management /// \name BLOB management
/// @{ /// @{
/// ///
/// Packs a configuration /// Packs a configuration
/// ///
/// \param[inout] cursor Memory cursor /// \param[inout] cursor Memory cursor
/// ///
virtual void operator<<(_Inout_ cursor_out &cursor) const; virtual void operator<<(_Inout_ cursor_out &cursor) const;
/// ///
/// Returns packed size of a configuration /// Returns packed size of a configuration
/// ///
/// \returns Size of data when packed (in bytes) /// \returns Size of data when packed (in bytes)
/// ///
virtual size_t get_pk_size() const; virtual size_t get_pk_size() const;
/// ///
/// Unpacks a configuration /// Unpacks a configuration
/// ///
/// \param[inout] cursor Memory cursor /// \param[inout] cursor Memory cursor
/// ///
virtual void operator>>(_Inout_ cursor_in &cursor); virtual void operator>>(_Inout_ cursor_in &cursor);
/// @} /// @}
/// ///
/// Returns EAP method type of this configuration /// Returns EAP method type of this configuration
/// ///
/// \returns `eap::type_tls` /// \returns `eap::type_tls`
/// ///
virtual winstd::eap_type_t get_method_id() const; virtual winstd::eap_type_t get_method_id() const;
/// ///
/// Adds CA to the list of trusted root CA's /// Adds CA to the list of trusted root CA's
/// ///
/// \sa [CertCreateCertificateContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa376033.aspx) /// \sa [CertCreateCertificateContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa376033.aspx)
/// ///
bool add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded); bool add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded);
public: public:
std::list<winstd::cert_context> m_trusted_root_ca; ///< Trusted root CAs std::list<winstd::cert_context> m_trusted_root_ca; ///< Trusted root CAs
std::list<std::string> m_server_names; ///< Acceptable authenticating server names std::list<std::wstring> m_server_names; ///< Acceptable authenticating server names
// Following members are used for session resumptions. They are not exported/imported to XML. // Following members are used for session resumptions. They are not exported/imported to XML.
sanitizing_blob m_session_id; ///< TLS session ID sanitizing_blob m_session_id; ///< TLS session ID
tls_master_secret m_master_secret; ///< TLS master secret tls_master_secret m_master_secret; ///< TLS master secret
}; };
} }

603
lib/TLS/src/Config.cpp
View File

@ -1,305 +1,298 @@
/* /*
Copyright 2015-2016 Amebis Copyright 2015-2016 Amebis
Copyright 2016 GÉANT Copyright 2016 GÉANT
This file is part of GÉANTLink. This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>. along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "StdAfx.h" #include "StdAfx.h"
#pragma comment(lib, "Cryptui.lib") #pragma comment(lib, "Cryptui.lib")
using namespace std; using namespace std;
using namespace winstd; using namespace winstd;
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// eap::get_cert_title // eap::get_cert_title
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
tstring eap::get_cert_title(PCCERT_CONTEXT cert) tstring eap::get_cert_title(PCCERT_CONTEXT cert)
{ {
tstring name, str, issuer, title; tstring name, str, issuer, title;
FILETIME ft; FILETIME ft;
SYSTEMTIME st; SYSTEMTIME st;
// Prepare certificate information // Prepare certificate information
CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name); CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name);
title += name; title += name;
FileTimeToLocalFileTime(&(cert->pCertInfo->NotBefore), &ft); FileTimeToLocalFileTime(&(cert->pCertInfo->NotBefore), &ft);
FileTimeToSystemTime(&ft, &st); FileTimeToSystemTime(&ft, &st);
GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, str); GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, str);
title += _T(", "); title += _T(", ");
title += str; title += str;
FileTimeToLocalFileTime(&(cert->pCertInfo->NotAfter ), &ft); FileTimeToLocalFileTime(&(cert->pCertInfo->NotAfter ), &ft);
FileTimeToSystemTime(&ft, &st); FileTimeToSystemTime(&ft, &st);
GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, str); GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, str);
title += _T('-'); title += _T('-');
title += str; title += str;
CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, issuer); CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, issuer);
if (name != issuer) { if (name != issuer) {
title += _T(", "); title += _T(", ");
title += issuer; title += issuer;
} }
return title; return title;
} }
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// eap::config_method_tls // eap::config_method_tls
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
eap::config_method_tls::config_method_tls(_In_ module &mod) : config_method_with_cred(mod) eap::config_method_tls::config_method_tls(_In_ module &mod) : config_method_with_cred(mod)
{ {
m_preshared.reset(new credentials_tls(mod)); m_preshared.reset(new credentials_tls(mod));
} }
eap::config_method_tls::config_method_tls(_In_ const config_method_tls &other) : eap::config_method_tls::config_method_tls(_In_ const config_method_tls &other) :
m_trusted_root_ca(other.m_trusted_root_ca), m_trusted_root_ca(other.m_trusted_root_ca),
m_server_names(other.m_server_names), m_server_names(other.m_server_names),
m_session_id(other.m_session_id), m_session_id(other.m_session_id),
m_master_secret(other.m_master_secret), m_master_secret(other.m_master_secret),
config_method_with_cred(other) config_method_with_cred(other)
{ {
} }
eap::config_method_tls::config_method_tls(_Inout_ config_method_tls &&other) : eap::config_method_tls::config_method_tls(_Inout_ config_method_tls &&other) :
m_trusted_root_ca(std::move(other.m_trusted_root_ca)), m_trusted_root_ca(std::move(other.m_trusted_root_ca)),
m_server_names(std::move(other.m_server_names)), m_server_names(std::move(other.m_server_names)),
m_session_id(std::move(other.m_session_id)), m_session_id(std::move(other.m_session_id)),
m_master_secret(std::move(other.m_master_secret)), m_master_secret(std::move(other.m_master_secret)),
config_method_with_cred(std::move(other)) config_method_with_cred(std::move(other))
{ {
} }
eap::config_method_tls& eap::config_method_tls::operator=(_In_ const config_method_tls &other) eap::config_method_tls& eap::config_method_tls::operator=(_In_ const config_method_tls &other)
{ {
if (this != &other) { if (this != &other) {
(config_method_with_cred&)*this = other; (config_method_with_cred&)*this = other;
m_trusted_root_ca = other.m_trusted_root_ca; m_trusted_root_ca = other.m_trusted_root_ca;
m_server_names = other.m_server_names; m_server_names = other.m_server_names;
m_session_id = other.m_session_id; m_session_id = other.m_session_id;
m_master_secret = other.m_master_secret; m_master_secret = other.m_master_secret;
} }
return *this; return *this;
} }
eap::config_method_tls& eap::config_method_tls::operator=(_Inout_ config_method_tls &&other) eap::config_method_tls& eap::config_method_tls::operator=(_Inout_ config_method_tls &&other)
{ {
if (this != &other) { if (this != &other) {
(config_method_with_cred&&)*this = std::move(other); (config_method_with_cred&&)*this = std::move(other);
m_trusted_root_ca = std::move(other.m_trusted_root_ca); m_trusted_root_ca = std::move(other.m_trusted_root_ca);
m_server_names = std::move(other.m_server_names); m_server_names = std::move(other.m_server_names);
m_session_id = std::move(other.m_session_id); m_session_id = std::move(other.m_session_id);
m_master_secret = std::move(other.m_master_secret); m_master_secret = std::move(other.m_master_secret);
} }
return *this; return *this;
} }
eap::config* eap::config_method_tls::clone() const eap::config* eap::config_method_tls::clone() const
{ {
return new config_method_tls(*this); return new config_method_tls(*this);
} }
void eap::config_method_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const void eap::config_method_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
{ {
assert(pDoc); assert(pDoc);
assert(pConfigRoot); assert(pConfigRoot);
config_method_with_cred::save(pDoc, pConfigRoot); config_method_with_cred::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata"); const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr; HRESULT hr;
// <ServerSideCredential> // <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential; com_obj<IXMLDOMElement> pXmlElServerSideCredential;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential))) if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerSideCredential> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerSideCredential> element.");
for (list<cert_context>::const_iterator i = m_trusted_root_ca.begin(), i_end = m_trusted_root_ca.end(); i != i_end; ++i) { for (list<cert_context>::const_iterator i = m_trusted_root_ca.begin(), i_end = m_trusted_root_ca.end(); i != i_end; ++i) {
// <CA> // <CA>
com_obj<IXMLDOMElement> pXmlElCA; com_obj<IXMLDOMElement> pXmlElCA;
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA))) if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <CA> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <CA> element.");
// <CA>/<format> // <CA>/<format>
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM")))) if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM"))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <format> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <format> element.");
// <CA>/<cert-data> // <CA>/<cert-data>
const cert_context &cc = *i; const cert_context &cc = *i;
if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded))) if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <cert-data> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <cert-data> element.");
if (FAILED(hr = pXmlElServerSideCredential->appendChild(pXmlElCA, NULL))) if (FAILED(hr = pXmlElServerSideCredential->appendChild(pXmlElCA, NULL)))
throw com_runtime_error(hr, __FUNCTION__ " Error appending <CA> element."); throw com_runtime_error(hr, __FUNCTION__ " Error appending <CA> element.");
} }
// <ServerName> // <ServerName>
for (list<string>::const_iterator i = m_server_names.begin(), i_end = m_server_names.end(); i != i_end; ++i) { for (list<wstring>::const_iterator i = m_server_names.begin(), i_end = m_server_names.end(); i != i_end; ++i) {
wstring str; if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(*i))))
MultiByteToWideChar(CP_UTF8, 0, i->c_str(), (int)i->length(), str); throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerName> element.");
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(str)))) }
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerName> element."); }
}
}
void eap::config_method_tls::load(_In_ IXMLDOMNode *pConfigRoot)
{
void eap::config_method_tls::load(_In_ IXMLDOMNode *pConfigRoot) assert(pConfigRoot);
{
assert(pConfigRoot); config_method_with_cred::load(pConfigRoot);
config_method_with_cred::load(pConfigRoot); std::wstring xpath(eapxml::get_xpath(pConfigRoot));
std::wstring xpath(eapxml::get_xpath(pConfigRoot)); m_trusted_root_ca.clear();
m_server_names.clear();
m_trusted_root_ca.clear();
m_server_names.clear(); // <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential;
// <ServerSideCredential> if (SUCCEEDED(eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), &pXmlElServerSideCredential))) {
com_obj<IXMLDOMElement> pXmlElServerSideCredential; std::wstring xpathServerSideCredential(xpath + L"/ServerSideCredential");
if (SUCCEEDED(eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), &pXmlElServerSideCredential))) {
std::wstring xpathServerSideCredential(xpath + L"/ServerSideCredential"); // <CA>
com_obj<IXMLDOMNodeList> pXmlListCAs;
// <CA> long lCACount = 0;
com_obj<IXMLDOMNodeList> pXmlListCAs; if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:CA"), &pXmlListCAs)) && SUCCEEDED(pXmlListCAs->get_length(&lCACount))) {
long lCACount = 0; for (long j = 0; j < lCACount; j++) {
if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:CA"), &pXmlListCAs)) && SUCCEEDED(pXmlListCAs->get_length(&lCACount))) { // Load CA certificate.
for (long j = 0; j < lCACount; j++) { com_obj<IXMLDOMNode> pXmlElCA;
// Load CA certificate. pXmlListCAs->get_item(j, &pXmlElCA);
com_obj<IXMLDOMNode> pXmlElCA; bstr bstrFormat;
pXmlListCAs->get_item(j, &pXmlElCA); if (FAILED(eapxml::get_element_value(pXmlElCA, bstr(L"eap-metadata:format"), &bstrFormat))) {
bstr bstrFormat; // <format> not specified.
if (FAILED(eapxml::get_element_value(pXmlElCA, bstr(L"eap-metadata:format"), &bstrFormat))) { continue;
// <format> not specified. }
continue;
} if (CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrFormat, bstrFormat.length(), L"PEM", -1, NULL, NULL, 0) != CSTR_EQUAL) {
// Certificate must be PEM encoded.
if (CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrFormat, bstrFormat.length(), L"PEM", -1, NULL, NULL, 0) != CSTR_EQUAL) { continue;
// Certificate must be PEM encoded. }
continue;
} vector<unsigned char> aData;
if (FAILED(eapxml::get_element_base64(pXmlElCA, bstr(L"eap-metadata:cert-data"), aData))) {
vector<unsigned char> aData; // Error reading <cert-data> element.
if (FAILED(eapxml::get_element_base64(pXmlElCA, bstr(L"eap-metadata:cert-data"), aData))) { continue;
// Error reading <cert-data> element. }
continue;
} add_trusted_ca(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, aData.data(), (DWORD)aData.size());
}
add_trusted_ca(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, aData.data(), (DWORD)aData.size());
} // Log loaded CA certificates.
list<tstring> cert_names;
// Log loaded CA certificates. for (std::list<winstd::cert_context>::const_iterator cert = m_trusted_root_ca.cbegin(), cert_end = m_trusted_root_ca.cend(); cert != cert_end; ++cert)
list<tstring> cert_names; cert_names.push_back(std::move(get_cert_title(*cert)));
for (std::list<winstd::cert_context>::const_iterator cert = m_trusted_root_ca.cbegin(), cert_end = m_trusted_root_ca.cend(); cert != cert_end; ++cert) m_module.log_config((xpathServerSideCredential + L"/CA").c_str(), cert_names);
cert_names.push_back(std::move(get_cert_title(*cert))); }
m_module.log_config((xpathServerSideCredential + L"/CA").c_str(), cert_names);
} // <ServerName>
com_obj<IXMLDOMNodeList> pXmlListServerIDs;
// <ServerName> long lServerIDCount = 0;
com_obj<IXMLDOMNodeList> pXmlListServerIDs; if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:ServerName"), &pXmlListServerIDs)) && SUCCEEDED(pXmlListServerIDs->get_length(&lServerIDCount))) {
long lServerIDCount = 0; for (long j = 0; j < lServerIDCount; j++) {
if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:ServerName"), &pXmlListServerIDs)) && SUCCEEDED(pXmlListServerIDs->get_length(&lServerIDCount))) { // Load server name (<ServerName>).
for (long j = 0; j < lServerIDCount; j++) { com_obj<IXMLDOMNode> pXmlElServerID;
// Load server name (<ServerName>). pXmlListServerIDs->get_item(j, &pXmlElServerID);
com_obj<IXMLDOMNode> pXmlElServerID; bstr bstrServerID;
pXmlListServerIDs->get_item(j, &pXmlElServerID); pXmlElServerID->get_text(&bstrServerID);
bstr bstrServerID; m_server_names.push_back(wstring(bstrServerID));
pXmlElServerID->get_text(&bstrServerID); }
// Server names (FQDNs) are always ASCII. Hopefully. Convert them to UTF-8 anyway for consistent comparison. CP_ANSI varies. m_module.log_config((xpathServerSideCredential + L"/ServerName").c_str(), m_server_names);
string str; }
WideCharToMultiByte(CP_UTF8, 0, bstrServerID, bstrServerID.length(), str, NULL, NULL); }
}
m_server_names.push_back(str);
}
void eap::config_method_tls::operator<<(_Inout_ cursor_out &cursor) const
m_module.log_config((xpathServerSideCredential + L"/ServerName").c_str(), m_server_names); {
} config_method_with_cred::operator<<(cursor);
} cursor << m_trusted_root_ca;
} cursor << m_server_names ;
cursor << m_session_id ;
cursor << m_master_secret ;
void eap::config_method_tls::operator<<(_Inout_ cursor_out &cursor) const }
{
config_method_with_cred::operator<<(cursor);
cursor << m_trusted_root_ca; size_t eap::config_method_tls::get_pk_size() const
cursor << m_server_names ; {
cursor << m_session_id ; return
cursor << m_master_secret ; config_method_with_cred::get_pk_size() +
} pksizeof(m_trusted_root_ca) +
pksizeof(m_server_names ) +
pksizeof(m_session_id ) +
size_t eap::config_method_tls::get_pk_size() const pksizeof(m_master_secret );
{ }
return
config_method_with_cred::get_pk_size() +
pksizeof(m_trusted_root_ca) + void eap::config_method_tls::operator>>(_Inout_ cursor_in &cursor)
pksizeof(m_server_names ) + {
pksizeof(m_session_id ) + config_method_with_cred::operator>>(cursor);
pksizeof(m_master_secret ); cursor >> m_trusted_root_ca;
} cursor >> m_server_names ;
cursor >> m_session_id ;
cursor >> m_master_secret ;
void eap::config_method_tls::operator>>(_Inout_ cursor_in &cursor) }
{
config_method_with_cred::operator>>(cursor);
cursor >> m_trusted_root_ca; eap_type_t eap::config_method_tls::get_method_id() const
cursor >> m_server_names ; {
cursor >> m_session_id ; return eap_type_tls;
cursor >> m_master_secret ; }
}
bool eap::config_method_tls::add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded)
eap_type_t eap::config_method_tls::get_method_id() const {
{ cert_context cert;
return eap_type_tls; if (!cert.create(dwCertEncodingType, pbCertEncoded, cbCertEncoded)) {
} // Invalid or unsupported certificate.
return false;
}
bool eap::config_method_tls::add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded)
{ for (list<cert_context>::const_iterator i = m_trusted_root_ca.cbegin(), i_end = m_trusted_root_ca.cend();; ++i) {
cert_context cert; if (i != i_end) {
if (!cert.create(dwCertEncodingType, pbCertEncoded, cbCertEncoded)) { if (*i == cert) {
// Invalid or unsupported certificate. // This certificate is already on the list.
return false; return false;
} }
} else {
for (list<cert_context>::const_iterator i = m_trusted_root_ca.cbegin(), i_end = m_trusted_root_ca.cend();; ++i) { // End of list reached. Append certificate.
if (i != i_end) { m_trusted_root_ca.push_back(std::move(cert));
if (*i == cert) { return true;
// This certificate is already on the list. }
return false; }
} }
} else {
// End of list reached. Append certificate.
m_trusted_root_ca.push_back(std::move(cert));
return true;
}
}
}

18
lib/TLS/src/Method.cpp
View File

@ -1166,8 +1166,8 @@ void eap::method_tls::verify_server_trust() const
assert(!m_server_cert_chain.empty()); assert(!m_server_cert_chain.empty());
const cert_context &cert = m_server_cert_chain.front(); const cert_context &cert = m_server_cert_chain.front();
string subj; wstring subj;
if (!CertGetNameStringA(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, subj)) if (!CertGetNameStringW(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, subj))
throw win_runtime_error(__FUNCTION__ " Error retrieving server's certificate subject name."); throw win_runtime_error(__FUNCTION__ " Error retrieving server's certificate subject name.");
const config_provider &cfg_prov(m_cfg.m_providers.front()); const config_provider &cfg_prov(m_cfg.m_providers.front());
@ -1176,29 +1176,29 @@ void eap::method_tls::verify_server_trust() const
if (!cfg_method->m_server_names.empty()) { if (!cfg_method->m_server_names.empty()) {
// Check server name. // Check server name.
for (list<string>::const_iterator s = cfg_method->m_server_names.cbegin(), s_end = cfg_method->m_server_names.cend();; ++s) { for (list<wstring>::const_iterator s = cfg_method->m_server_names.cbegin(), s_end = cfg_method->m_server_names.cend();; ++s) {
if (s != s_end) { if (s != s_end) {
const char const wchar_t
*a = s->c_str(), *a = s->c_str(),
*b = subj.c_str(); *b = subj.c_str();
size_t size_t
len_a = s->length(), len_a = s->length(),
len_b = subj.length(); len_b = subj.length();
if (_stricmp(a, b) == 0 || // Direct match if (_wcsicmp(a, b) == 0 || // Direct match
a[0] == '*' && len_b + 1 >= len_a && _stricmp(a + 1, b + len_b - (len_a - 1)) == 0) // "*..." wildchar match a[0] == '*' && len_b + 1 >= len_a && _wcsicmp(a + 1, b + len_b - (len_a - 1)) == 0) // "*..." wildchar match
{ {
m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED, event_data(subj), event_data::blank); m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED1, event_data(subj), event_data::blank);
break; break;
} }
} else } else
throw win_runtime_error(ERROR_INVALID_DOMAINNAME, string_printf(__FUNCTION__ " Server name %s is not on the list of trusted server names.", subj.c_str()).c_str()); throw win_runtime_error(ERROR_INVALID_DOMAINNAME, string_printf(__FUNCTION__ " Server name %ls is not on the list of trusted server names.", subj.c_str()).c_str());
} }
} }
if (cert->pCertInfo->Issuer.cbData == cert->pCertInfo->Subject.cbData && if (cert->pCertInfo->Issuer.cbData == cert->pCertInfo->Subject.cbData &&
memcmp(cert->pCertInfo->Issuer.pbData, cert->pCertInfo->Subject.pbData, cert->pCertInfo->Issuer.cbData) == 0) memcmp(cert->pCertInfo->Issuer.pbData, cert->pCertInfo->Subject.pbData, cert->pCertInfo->Issuer.cbData) == 0)
throw com_runtime_error(CRYPT_E_SELF_SIGNED, string_printf(__FUNCTION__ " Server is using a self-signed certificate %s. Cannot trust it.", subj.c_str()).c_str()); throw com_runtime_error(CRYPT_E_SELF_SIGNED, string_printf(__FUNCTION__ " Server is using a self-signed certificate %ls. Cannot trust it.", subj.c_str()).c_str());
// Create temporary certificate store of our trusted root CAs. // Create temporary certificate store of our trusted root CAs.
cert_store store; cert_store store;

684
lib/TLS_UI/include/TLS_UI.h
View File

@ -1,342 +1,342 @@
/* /*
Copyright 2015-2016 Amebis Copyright 2015-2016 Amebis
Copyright 2016 GÉANT Copyright 2016 GÉANT
This file is part of GÉANTLink. This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>. along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "../../EAPBase_UI/include/EAP_UI.h" #include "../../EAPBase_UI/include/EAP_UI.h"
#include "../../TLS/include/Config.h" #include "../../TLS/include/Config.h"
#include "../../TLS/include/Credentials.h" #include "../../TLS/include/Credentials.h"
#include <WinStd/Common.h> #include <WinStd/Common.h>
#include <wx/filedlg.h> #include <wx/filedlg.h>
#include <wx/msgdlg.h> #include <wx/msgdlg.h>
#include <Windows.h> #include <Windows.h>
#include <cryptuiapi.h> #include <cryptuiapi.h>
#include <WinCrypt.h> // Must include after <Windows.h> #include <WinCrypt.h> // Must include after <Windows.h>
#include <list> #include <list>
#include <string> #include <string>
/// ///
/// Helper class for auto-destroyable certificates used in wxWidget's item containers /// Helper class for auto-destroyable certificates used in wxWidget's item containers
/// ///
class wxCertificateClientData; class wxCertificateClientData;
/// ///
/// Validator for host name /// Validator for host name
/// ///
class wxHostNameValidator; class wxHostNameValidator;
/// ///
/// Validator for FQDN /// Validator for FQDN
/// ///
class wxFQDNValidator; class wxFQDNValidator;
/// ///
/// Validator for FQDN lists /// Validator for FQDN lists
/// ///
class wxFQDNListValidator; class wxFQDNListValidator;
/// ///
/// TLS credential panel /// TLS credential panel
/// ///
class wxTLSCredentialsPanel; class wxTLSCredentialsPanel;
/// ///
/// TLS server trust configuration panel /// TLS server trust configuration panel
/// ///
class wxTLSServerTrustPanel; class wxTLSServerTrustPanel;
/// ///
/// TLS credentials configuration panel /// TLS credentials configuration panel
/// ///
typedef wxEAPCredentialsConfigPanel<eap::credentials_tls, wxTLSCredentialsPanel> wxTLSCredentialsConfigPanel; typedef wxEAPCredentialsConfigPanel<eap::credentials_tls, wxTLSCredentialsPanel> wxTLSCredentialsConfigPanel;
/// ///
/// TLS configuration panel /// TLS configuration panel
/// ///
class wxTLSConfigPanel; class wxTLSConfigPanel;
#pragma once #pragma once
#include "../res/wxTLS_UI.h" #include "../res/wxTLS_UI.h"
#include <WinStd/Win.h> #include <WinStd/Win.h>
#include <wx/clntdata.h> #include <wx/clntdata.h>
#include <wx/icon.h> #include <wx/icon.h>
#include <wx/panel.h> #include <wx/panel.h>
#include <wx/textctrl.h> #include <wx/textctrl.h>
#include <wx/validate.h> #include <wx/validate.h>
#include <list> #include <list>
#include <string> #include <string>
#include <vector> #include <vector>
class wxCertificateClientData : public wxClientData class wxCertificateClientData : public wxClientData
{ {
public: public:
/// ///
/// Constructs client data object with existing handle /// Constructs client data object with existing handle
/// ///
wxCertificateClientData(PCCERT_CONTEXT cert); wxCertificateClientData(PCCERT_CONTEXT cert);
/// ///
/// Releases certificate handle and destructs the object /// Releases certificate handle and destructs the object
/// ///
virtual ~wxCertificateClientData(); virtual ~wxCertificateClientData();
public: public:
PCCERT_CONTEXT m_cert; ///< Certificate PCCERT_CONTEXT m_cert; ///< Certificate
}; };
class wxHostNameValidator : public wxValidator class wxHostNameValidator : public wxValidator
{ {
wxDECLARE_DYNAMIC_CLASS(wxHostNameValidator); wxDECLARE_DYNAMIC_CLASS(wxHostNameValidator);
wxDECLARE_NO_ASSIGN_CLASS(wxHostNameValidator); wxDECLARE_NO_ASSIGN_CLASS(wxHostNameValidator);
public: public:
/// ///
/// Construct the validator with a value to store data /// Construct the validator with a value to store data
/// ///
wxHostNameValidator(std::string *val = NULL); wxHostNameValidator(std::wstring *val = NULL);
/// ///
/// Copy constructor /// Copy constructor
/// ///
wxHostNameValidator(const wxHostNameValidator &other); wxHostNameValidator(const wxHostNameValidator &other);
/// ///
/// Copies this validator /// Copies this validator
/// ///
virtual wxObject* Clone() const; virtual wxObject* Clone() const;
/// ///
/// Validates the value /// Validates the value
/// ///
virtual bool Validate(wxWindow *parent); virtual bool Validate(wxWindow *parent);
/// ///
/// Transfers the value to the window /// Transfers the value to the window
/// ///
virtual bool TransferToWindow(); virtual bool TransferToWindow();
/// ///
/// Transfers the value from the window /// Transfers the value from the window
/// ///
virtual bool TransferFromWindow(); virtual bool TransferFromWindow();
/// ///
/// Parses FQDN value /// Parses FQDN value
/// ///
static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::string *val_out = NULL); static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::wstring *val_out = NULL);
protected: protected:
std::string *m_val; ///< Pointer to variable to receive control's parsed value std::wstring *m_val; ///< Pointer to variable to receive control's parsed value
}; };
class wxFQDNValidator : public wxValidator class wxFQDNValidator : public wxValidator
{ {
wxDECLARE_DYNAMIC_CLASS(wxFQDNValidator); wxDECLARE_DYNAMIC_CLASS(wxFQDNValidator);
wxDECLARE_NO_ASSIGN_CLASS(wxFQDNValidator); wxDECLARE_NO_ASSIGN_CLASS(wxFQDNValidator);
public: public:
/// ///
/// Construct the validator with a value to store data /// Construct the validator with a value to store data
/// ///
wxFQDNValidator(std::string *val = NULL); wxFQDNValidator(std::wstring *val = NULL);
/// ///
/// Copy constructor /// Copy constructor
/// ///
wxFQDNValidator(const wxFQDNValidator &other); wxFQDNValidator(const wxFQDNValidator &other);
/// ///
/// Copies this validator /// Copies this validator
/// ///
virtual wxObject* Clone() const; virtual wxObject* Clone() const;
/// ///
/// Validates the value /// Validates the value
/// ///
virtual bool Validate(wxWindow *parent); virtual bool Validate(wxWindow *parent);
/// ///
/// Transfers the value to the window /// Transfers the value to the window
/// ///
virtual bool TransferToWindow(); virtual bool TransferToWindow();
/// ///
/// Transfers the value from the window /// Transfers the value from the window
/// ///
virtual bool TransferFromWindow(); virtual bool TransferFromWindow();
/// ///
/// Parses FQDN value /// Parses FQDN value
/// ///
static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::string *val_out = NULL); static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::wstring *val_out = NULL);
protected: protected:
std::string *m_val; ///< Pointer to variable to receive control's parsed value std::wstring *m_val; ///< Pointer to variable to receive control's parsed value
}; };
class wxFQDNListValidator : public wxValidator class wxFQDNListValidator : public wxValidator
{ {
wxDECLARE_DYNAMIC_CLASS(wxFQDNListValidator); wxDECLARE_DYNAMIC_CLASS(wxFQDNListValidator);
wxDECLARE_NO_ASSIGN_CLASS(wxFQDNListValidator); wxDECLARE_NO_ASSIGN_CLASS(wxFQDNListValidator);
public: public:
/// ///
/// Construct the validator with a value to store data /// Construct the validator with a value to store data
/// ///
wxFQDNListValidator(std::list<std::string> *val = NULL); wxFQDNListValidator(std::list<std::wstring> *val = NULL);
/// ///
/// Copy constructor /// Copy constructor
/// ///
wxFQDNListValidator(const wxFQDNListValidator &other); wxFQDNListValidator(const wxFQDNListValidator &other);
/// ///
/// Copies this validator /// Copies this validator
/// ///
virtual wxObject* Clone() const; virtual wxObject* Clone() const;
/// ///
/// Validates the value /// Validates the value
/// ///
virtual bool Validate(wxWindow *parent); virtual bool Validate(wxWindow *parent);
/// ///
/// Transfers the value to the window /// Transfers the value to the window
/// ///
virtual bool TransferToWindow(); virtual bool TransferToWindow();
/// ///
/// Transfers the value from the window /// Transfers the value from the window
/// ///
virtual bool TransferFromWindow(); virtual bool TransferFromWindow();
/// ///
/// Parses FQDN list value /// Parses FQDN list value
/// ///
static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::list<std::string> *val_out = NULL); static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::list<std::wstring> *val_out = NULL);
protected: protected:
std::list<std::string> *m_val; ///< Pointer to variable to receive control's parsed value std::list<std::wstring> *m_val; ///< Pointer to variable to receive control's parsed value
}; };
class wxTLSCredentialsPanel : public wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase> class wxTLSCredentialsPanel : public wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase>
{ {
public: public:
/// ///
/// Constructs a configuration panel /// Constructs a configuration panel
/// ///
/// \param[in] prov Provider configuration data /// \param[in] prov Provider configuration data
/// \param[in] cfg Configuration data /// \param[in] cfg Configuration data
/// \param[inout] cred Credentials data /// \param[inout] cred Credentials data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name. /// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window /// \param[in] parent Parent window
/// \param[in] is_config Is this panel used to pre-enter credentials? When \c true, the "Remember" checkbox is always selected and disabled. /// \param[in] is_config Is this panel used to pre-enter credentials? When \c true, the "Remember" checkbox is always selected and disabled.
/// ///
wxTLSCredentialsPanel(const eap::config_provider &prov, const eap::config_method_with_cred &cfg, eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false); wxTLSCredentialsPanel(const eap::config_provider &prov, const eap::config_method_with_cred &cfg, eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false);
protected: protected:
/// \cond internal /// \cond internal
virtual bool TransferDataToWindow(); virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow(); virtual bool TransferDataFromWindow();
virtual void OnUpdateUI(wxUpdateUIEvent& event); virtual void OnUpdateUI(wxUpdateUIEvent& event);
/// \endcond /// \endcond
protected: protected:
winstd::library m_shell32; ///< shell32.dll resource library reference winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon wxIcon m_icon; ///< Panel icon
}; };
class wxTLSServerTrustPanel : public wxEAPTLSServerTrustConfigPanelBase class wxTLSServerTrustPanel : public wxEAPTLSServerTrustConfigPanelBase
{ {
public: public:
/// ///
/// Constructs a configuration panel /// Constructs a configuration panel
/// ///
wxTLSServerTrustPanel(const eap::config_provider &prov, eap::config_method_tls &cfg, wxWindow* parent); wxTLSServerTrustPanel(const eap::config_provider &prov, eap::config_method_tls &cfg, wxWindow* parent);
protected: protected:
/// \cond internal /// \cond internal
virtual bool TransferDataToWindow(); virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow(); virtual bool TransferDataFromWindow();
virtual void OnUpdateUI(wxUpdateUIEvent& event); virtual void OnUpdateUI(wxUpdateUIEvent& event);
virtual void OnRootCADClick(wxCommandEvent& event); virtual void OnRootCADClick(wxCommandEvent& event);
virtual void OnRootCAAddStore(wxCommandEvent& event); virtual void OnRootCAAddStore(wxCommandEvent& event);
virtual void OnRootCAAddFile(wxCommandEvent& event); virtual void OnRootCAAddFile(wxCommandEvent& event);
virtual void OnRootCARemove(wxCommandEvent& event); virtual void OnRootCARemove(wxCommandEvent& event);
/// \endcond /// \endcond
/// ///
/// Adds a certificate to the list of trusted root CA list /// Adds a certificate to the list of trusted root CA list
/// ///
/// \param[in] cert Certificate /// \param[in] cert Certificate
/// ///
/// \returns /// \returns
/// - \c true if certificate was added; /// - \c true if certificate was added;
/// - \c false if duplicate found or an error occured. /// - \c false if duplicate found or an error occured.
/// ///
bool AddRootCA(PCCERT_CONTEXT cert); bool AddRootCA(PCCERT_CONTEXT cert);
protected: protected:
const eap::config_provider &m_prov; ///< EAP provider const eap::config_provider &m_prov; ///< EAP provider
eap::config_method_tls &m_cfg; ///< TLS configuration eap::config_method_tls &m_cfg; ///< TLS configuration
winstd::library m_certmgr; ///< certmgr.dll resource library reference winstd::library m_certmgr; ///< certmgr.dll resource library reference
wxIcon m_icon; ///< Panel icon wxIcon m_icon; ///< Panel icon
std::list<std::string> m_server_names_val; ///< Acceptable authenticating server names std::list<std::wstring> m_server_names_val; ///< Acceptable authenticating server names
}; };
class wxTLSConfigPanel : public wxPanel class wxTLSConfigPanel : public wxPanel
{ {
public: public:
/// ///
/// Constructs a configuration panel /// Constructs a configuration panel
/// ///
wxTLSConfigPanel(const eap::config_provider &prov, eap::config_method_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent); wxTLSConfigPanel(const eap::config_provider &prov, eap::config_method_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
/// ///
/// Destructs the configuration panel /// Destructs the configuration panel
/// ///
virtual ~wxTLSConfigPanel(); virtual ~wxTLSConfigPanel();
protected: protected:
/// \cond internal /// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event); virtual void OnInitDialog(wxInitDialogEvent& event);
virtual bool TransferDataFromWindow(); virtual bool TransferDataFromWindow();
/// \endcond /// \endcond
protected: protected:
const eap::config_provider &m_prov; ///< EAP provider const eap::config_provider &m_prov; ///< EAP provider
eap::config_method_tls &m_cfg; ///< TLS configuration eap::config_method_tls &m_cfg; ///< TLS configuration
wxTLSServerTrustPanel *m_server_trust; ///< Server trust configuration panel wxTLSServerTrustPanel *m_server_trust; ///< Server trust configuration panel
wxTLSCredentialsConfigPanel *m_credentials; ///< Credentials configuration panel wxTLSCredentialsConfigPanel *m_credentials; ///< Credentials configuration panel
}; };

364
lib/TLS_UI/res/wxTLS_UI.cpp
View File

@ -1,182 +1,182 @@
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
// C++ code generated with wxFormBuilder (version Jun 17 2015) // C++ code generated with wxFormBuilder (version Jun 17 2015)
// http://www.wxformbuilder.org/ // http://www.wxformbuilder.org/
// //
// PLEASE DO "NOT" EDIT THIS FILE! // PLEASE DO "NOT" EDIT THIS FILE!
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
#include <StdAfx.h> #include <StdAfx.h>
#include "wxTLS_UI.h" #include "wxTLS_UI.h"
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{ {
wxStaticBoxSizer* sb_server_trust; wxStaticBoxSizer* sb_server_trust;
sb_server_trust = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Server Trust") ), wxVERTICAL ); sb_server_trust = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Server Trust") ), wxVERTICAL );
wxBoxSizer* sb_server_trust_horiz; wxBoxSizer* sb_server_trust_horiz;
sb_server_trust_horiz = new wxBoxSizer( wxHORIZONTAL ); sb_server_trust_horiz = new wxBoxSizer( wxHORIZONTAL );
m_server_trust_icon = new wxStaticBitmap( sb_server_trust->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 ); m_server_trust_icon = new wxStaticBitmap( sb_server_trust->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 );
sb_server_trust_horiz->Add( m_server_trust_icon, 0, wxALL, 5 ); sb_server_trust_horiz->Add( m_server_trust_icon, 0, wxALL, 5 );
wxBoxSizer* sb_server_trust_vert; wxBoxSizer* sb_server_trust_vert;
sb_server_trust_vert = new wxBoxSizer( wxVERTICAL ); sb_server_trust_vert = new wxBoxSizer( wxVERTICAL );
m_server_trust_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Describe the servers you trust to prevent credential interception in case of man-in-the-middle attacks."), wxDefaultPosition, wxDefaultSize, 0 ); m_server_trust_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Describe the servers you trust to prevent credential interception in case of man-in-the-middle attacks."), wxDefaultPosition, wxDefaultSize, 0 );
m_server_trust_label->Wrap( 446 ); m_server_trust_label->Wrap( 446 );
sb_server_trust_vert->Add( m_server_trust_label, 0, wxALL|wxEXPAND, 5 ); sb_server_trust_vert->Add( m_server_trust_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_root_ca; wxBoxSizer* sb_root_ca;
sb_root_ca = new wxBoxSizer( wxVERTICAL ); sb_root_ca = new wxBoxSizer( wxVERTICAL );
m_root_ca_lbl = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Acceptable Certificate Authorities:"), wxDefaultPosition, wxDefaultSize, 0 ); m_root_ca_lbl = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Acceptable Certificate Authorities:"), wxDefaultPosition, wxDefaultSize, 0 );
m_root_ca_lbl->Wrap( -1 ); m_root_ca_lbl->Wrap( -1 );
sb_root_ca->Add( m_root_ca_lbl, 0, wxEXPAND|wxBOTTOM, 5 ); sb_root_ca->Add( m_root_ca_lbl, 0, wxEXPAND|wxBOTTOM, 5 );
m_root_ca = new wxListBox( sb_server_trust->GetStaticBox(), wxID_ANY, wxDefaultPosition, wxDefaultSize, 0, NULL, wxLB_SORT ); m_root_ca = new wxListBox( sb_server_trust->GetStaticBox(), wxID_ANY, wxDefaultPosition, wxDefaultSize, 0, NULL, wxLB_SORT );
m_root_ca->SetToolTip( _("List of certificate authorities server's certificate must be issued by") ); m_root_ca->SetToolTip( _("List of certificate authorities server's certificate must be issued by") );
sb_root_ca->Add( m_root_ca, 1, wxEXPAND|wxBOTTOM, 5 ); sb_root_ca->Add( m_root_ca, 1, wxEXPAND|wxBOTTOM, 5 );
wxBoxSizer* sb_root_ca_btn; wxBoxSizer* sb_root_ca_btn;
sb_root_ca_btn = new wxBoxSizer( wxHORIZONTAL ); sb_root_ca_btn = new wxBoxSizer( wxHORIZONTAL );
m_root_ca_add_store = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("Add CA from Store..."), wxDefaultPosition, wxDefaultSize, 0 ); m_root_ca_add_store = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("Add CA from Store..."), wxDefaultPosition, wxDefaultSize, 0 );
m_root_ca_add_store->SetToolTip( _("Adds a new certificate authority from the certificate store to the list") ); m_root_ca_add_store->SetToolTip( _("Adds a new certificate authority from the certificate store to the list") );
sb_root_ca_btn->Add( m_root_ca_add_store, 0, wxRIGHT, 5 ); sb_root_ca_btn->Add( m_root_ca_add_store, 0, wxRIGHT, 5 );
m_root_ca_add_file = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("Add CA from File..."), wxDefaultPosition, wxDefaultSize, 0 ); m_root_ca_add_file = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("Add CA from File..."), wxDefaultPosition, wxDefaultSize, 0 );
m_root_ca_add_file->SetToolTip( _("Adds a new certificate authority from the file to the list") ); m_root_ca_add_file->SetToolTip( _("Adds a new certificate authority from the file to the list") );
sb_root_ca_btn->Add( m_root_ca_add_file, 0, wxRIGHT|wxLEFT, 5 ); sb_root_ca_btn->Add( m_root_ca_add_file, 0, wxRIGHT|wxLEFT, 5 );
m_root_ca_remove = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("&Remove CA"), wxDefaultPosition, wxDefaultSize, 0 ); m_root_ca_remove = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("&Remove CA"), wxDefaultPosition, wxDefaultSize, 0 );
m_root_ca_remove->Enable( false ); m_root_ca_remove->Enable( false );
m_root_ca_remove->SetToolTip( _("Removes selected certificate authorities from the list") ); m_root_ca_remove->SetToolTip( _("Removes selected certificate authorities from the list") );
sb_root_ca_btn->Add( m_root_ca_remove, 0, wxLEFT, 5 ); sb_root_ca_btn->Add( m_root_ca_remove, 0, wxLEFT, 5 );
sb_root_ca->Add( sb_root_ca_btn, 0, wxALIGN_RIGHT, 5 ); sb_root_ca->Add( sb_root_ca_btn, 0, wxALIGN_RIGHT, 5 );
sb_server_trust_vert->Add( sb_root_ca, 1, wxEXPAND|wxALL, 5 ); sb_server_trust_vert->Add( sb_root_ca, 1, wxEXPAND|wxALL, 5 );
wxBoxSizer* sb_server_names; wxBoxSizer* sb_server_names;
sb_server_names = new wxBoxSizer( wxVERTICAL ); sb_server_names = new wxBoxSizer( wxVERTICAL );
m_server_names_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Acceptable server &names:"), wxDefaultPosition, wxDefaultSize, 0 ); m_server_names_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Acceptable server &names:"), wxDefaultPosition, wxDefaultSize, 0 );
m_server_names_label->Wrap( -1 ); m_server_names_label->Wrap( -1 );
sb_server_names->Add( m_server_names_label, 0, wxBOTTOM, 5 ); sb_server_names->Add( m_server_names_label, 0, wxBOTTOM, 5 );
m_server_names = new wxTextCtrl( sb_server_trust->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); m_server_names = new wxTextCtrl( sb_server_trust->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_server_names->SetToolTip( _("A semicolon delimited list of acceptable server FQDN names; blank to skip name check; \"*\" wildchar allowed") ); m_server_names->SetToolTip( _("A semicolon delimited list of acceptable server FQDN names; blank to skip name check; \"*\" wildchar allowed; Unicode characters allowed") );
sb_server_names->Add( m_server_names, 0, wxEXPAND|wxBOTTOM, 5 ); sb_server_names->Add( m_server_names, 0, wxEXPAND|wxBOTTOM, 5 );
m_server_names_note = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("(Example: foo.bar.com;*.domain.org)"), wxDefaultPosition, wxDefaultSize, 0 ); m_server_names_note = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("(Example: foo.bar.com;*.domain.org)"), wxDefaultPosition, wxDefaultSize, 0 );
m_server_names_note->Wrap( -1 ); m_server_names_note->Wrap( -1 );
sb_server_names->Add( m_server_names_note, 0, wxALIGN_RIGHT, 5 ); sb_server_names->Add( m_server_names_note, 0, wxALIGN_RIGHT, 5 );
sb_server_trust_vert->Add( sb_server_names, 0, wxEXPAND|wxALL, 5 ); sb_server_trust_vert->Add( sb_server_names, 0, wxEXPAND|wxALL, 5 );
sb_server_trust_horiz->Add( sb_server_trust_vert, 1, wxEXPAND, 5 ); sb_server_trust_horiz->Add( sb_server_trust_vert, 1, wxEXPAND, 5 );
sb_server_trust->Add( sb_server_trust_horiz, 1, wxEXPAND, 5 ); sb_server_trust->Add( sb_server_trust_horiz, 1, wxEXPAND, 5 );
this->SetSizer( sb_server_trust ); this->SetSizer( sb_server_trust );
this->Layout(); this->Layout();
// Connect Events // Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) ); this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) );
m_root_ca->Connect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this ); m_root_ca->Connect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this );
m_root_ca_add_store->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this ); m_root_ca_add_store->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this );
m_root_ca_add_file->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this ); m_root_ca_add_file->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this );
m_root_ca_remove->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCARemove ), NULL, this ); m_root_ca_remove->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCARemove ), NULL, this );
} }
wxEAPTLSServerTrustConfigPanelBase::~wxEAPTLSServerTrustConfigPanelBase() wxEAPTLSServerTrustConfigPanelBase::~wxEAPTLSServerTrustConfigPanelBase()
{ {
// Disconnect Events // Disconnect Events
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) ); this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) );
m_root_ca->Disconnect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this ); m_root_ca->Disconnect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this );
m_root_ca_add_store->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this ); m_root_ca_add_store->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this );
m_root_ca_add_file->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this ); m_root_ca_add_file->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this );
m_root_ca_remove->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCARemove ), NULL, this ); m_root_ca_remove->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCARemove ), NULL, this );
} }
wxTLSCredentialsPanelBase::wxTLSCredentialsPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) wxTLSCredentialsPanelBase::wxTLSCredentialsPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{ {
wxStaticBoxSizer* sb_credentials; wxStaticBoxSizer* sb_credentials;
sb_credentials = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("TLS Client Certificate") ), wxVERTICAL ); sb_credentials = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("TLS Client Certificate") ), wxVERTICAL );
wxBoxSizer* sb_credentials_horiz; wxBoxSizer* sb_credentials_horiz;
sb_credentials_horiz = new wxBoxSizer( wxHORIZONTAL ); sb_credentials_horiz = new wxBoxSizer( wxHORIZONTAL );
m_credentials_icon = new wxStaticBitmap( sb_credentials->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 ); m_credentials_icon = new wxStaticBitmap( sb_credentials->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 );
sb_credentials_horiz->Add( m_credentials_icon, 0, wxALL, 5 ); sb_credentials_horiz->Add( m_credentials_icon, 0, wxALL, 5 );
wxBoxSizer* sb_credentials_vert; wxBoxSizer* sb_credentials_vert;
sb_credentials_vert = new wxBoxSizer( wxVERTICAL ); sb_credentials_vert = new wxBoxSizer( wxVERTICAL );
m_credentials_label = new wxStaticText( sb_credentials->GetStaticBox(), wxID_ANY, _("Please select your client certificate to use for authentication."), wxDefaultPosition, wxDefaultSize, 0 ); m_credentials_label = new wxStaticText( sb_credentials->GetStaticBox(), wxID_ANY, _("Please select your client certificate to use for authentication."), wxDefaultPosition, wxDefaultSize, 0 );
m_credentials_label->Wrap( 446 ); m_credentials_label->Wrap( 446 );
sb_credentials_vert->Add( m_credentials_label, 0, wxALL|wxEXPAND, 5 ); sb_credentials_vert->Add( m_credentials_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_cert_radio; wxBoxSizer* sb_cert_radio;
sb_cert_radio = new wxBoxSizer( wxVERTICAL ); sb_cert_radio = new wxBoxSizer( wxVERTICAL );
m_cert_none = new wxRadioButton( sb_credentials->GetStaticBox(), wxID_ANY, _("Co&nnect without providing a client certificate"), wxDefaultPosition, wxDefaultSize, wxRB_GROUP ); m_cert_none = new wxRadioButton( sb_credentials->GetStaticBox(), wxID_ANY, _("Co&nnect without providing a client certificate"), wxDefaultPosition, wxDefaultSize, wxRB_GROUP );
m_cert_none->SetToolTip( _("Select if your server does not require you to provide a client certificate") ); m_cert_none->SetToolTip( _("Select if your server does not require you to provide a client certificate") );
sb_cert_radio->Add( m_cert_none, 1, wxEXPAND, 5 ); sb_cert_radio->Add( m_cert_none, 1, wxEXPAND, 5 );
wxBoxSizer* sb_cert_select; wxBoxSizer* sb_cert_select;
sb_cert_select = new wxBoxSizer( wxHORIZONTAL ); sb_cert_select = new wxBoxSizer( wxHORIZONTAL );
m_cert_select = new wxRadioButton( sb_credentials->GetStaticBox(), wxID_ANY, _("Use the following &certificate:"), wxDefaultPosition, wxDefaultSize, 0 ); m_cert_select = new wxRadioButton( sb_credentials->GetStaticBox(), wxID_ANY, _("Use the following &certificate:"), wxDefaultPosition, wxDefaultSize, 0 );
m_cert_select->SetToolTip( _("Select if you need to provide a client certificate when connecting") ); m_cert_select->SetToolTip( _("Select if you need to provide a client certificate when connecting") );
sb_cert_select->Add( m_cert_select, 0, wxEXPAND, 5 ); sb_cert_select->Add( m_cert_select, 0, wxEXPAND, 5 );
wxArrayString m_cert_select_valChoices; wxArrayString m_cert_select_valChoices;
m_cert_select_val = new wxChoice( sb_credentials->GetStaticBox(), wxID_ANY, wxDefaultPosition, wxDefaultSize, m_cert_select_valChoices, wxCB_SORT ); m_cert_select_val = new wxChoice( sb_credentials->GetStaticBox(), wxID_ANY, wxDefaultPosition, wxDefaultSize, m_cert_select_valChoices, wxCB_SORT );
m_cert_select_val->SetSelection( 0 ); m_cert_select_val->SetSelection( 0 );
m_cert_select_val->SetToolTip( _("Client certificate to use for authentication") ); m_cert_select_val->SetToolTip( _("Client certificate to use for authentication") );
sb_cert_select->Add( m_cert_select_val, 1, wxEXPAND, 5 ); sb_cert_select->Add( m_cert_select_val, 1, wxEXPAND, 5 );
sb_cert_radio->Add( sb_cert_select, 1, wxEXPAND, 5 ); sb_cert_radio->Add( sb_cert_select, 1, wxEXPAND, 5 );
sb_credentials_vert->Add( sb_cert_radio, 0, wxEXPAND|wxALL, 5 ); sb_credentials_vert->Add( sb_cert_radio, 0, wxEXPAND|wxALL, 5 );
m_remember = new wxCheckBox( sb_credentials->GetStaticBox(), wxID_ANY, _("&Remember"), wxDefaultPosition, wxDefaultSize, 0 ); m_remember = new wxCheckBox( sb_credentials->GetStaticBox(), wxID_ANY, _("&Remember"), wxDefaultPosition, wxDefaultSize, 0 );
m_remember->SetHelpText( _("Check if you would like to save certificate selection") ); m_remember->SetHelpText( _("Check if you would like to save certificate selection") );
sb_credentials_vert->Add( m_remember, 0, wxALL|wxEXPAND, 5 ); sb_credentials_vert->Add( m_remember, 0, wxALL|wxEXPAND, 5 );
sb_credentials_horiz->Add( sb_credentials_vert, 1, wxEXPAND, 5 ); sb_credentials_horiz->Add( sb_credentials_vert, 1, wxEXPAND, 5 );
sb_credentials->Add( sb_credentials_horiz, 0, wxEXPAND, 5 ); sb_credentials->Add( sb_credentials_horiz, 0, wxEXPAND, 5 );
this->SetSizer( sb_credentials ); this->SetSizer( sb_credentials );
this->Layout(); this->Layout();
} }
wxTLSCredentialsPanelBase::~wxTLSCredentialsPanelBase() wxTLSCredentialsPanelBase::~wxTLSCredentialsPanelBase()
{ {
} }

3250
lib/TLS_UI/res/wxTLS_UI.fbp
View File

File diff suppressed because it is too large Load Diff

1246
lib/TLS_UI/src/TLS_UI.cpp
View File

File diff suppressed because it is too large Load Diff