MSVC C26800 warned us an object is not guaranteed to be cleared after
being moved from. At least in std C++ implementations.
Thou winstd does clear all objects after being moved from, we could just
silence C26800 warning. But what if some day winstd behavior changes and
with us having this warning silenced?
std::eap_attr has no clear() method, therefore revert to using scope and
temporary object. It achieves the same effect as clear after moved from
does.
Signed-off-by: Simon Rozman <simon@rozman.si>
Thou linker can locate the output .lib file of referenced projects
wherever .lib is just fine, this helps us to gather all .pdb files in
the output folder.
Signed-off-by: Simon Rozman <simon@rozman.si>
- SCH_USE_STRONG_CRYPTO is now declared in the Windows SDK included with
Visual Studio 2019. No need to enter this flag numerically any more.
- m_sc_ctx.initialize() and m_sc_ctx.process() should use same flags.
They are actually. Rather than copy&paste them, declare them in a
single place.
- Add ISC_REQ_USE_SUPPLIED_CREDS flag. Use the client certificate we
supply or none at all.
- Add ISC_REQ_MANUAL_CRED_VALIDATION flag. We validate the server
certificate.
Signed-off-by: Simon Rozman <simon@rozman.si>
By storing the client certificate the certificate became detached from
its private key stored in user certificate store. This rendered client
certificates useless for client TLS authentication.
Now, the client certificate thumbprint is stored instead. The client
certificate is looked up in the user certificate store as required.
This breaks profile XML and BLOB backward compatibility. Since the
client certificate support was broken, nobody probably used those in
the settings before.
Signed-off-by: Simon Rozman <simon@rozman.si>
To retrieve user credentials, EapHost provides us the interactive user's
token we can use to impersonate.
By doing the impersonation early in peer::get_identity(), we don't need
to pass the token down the lower methods. This is rather a
simplification than a performance optimization.
Signed-off-by: Simon Rozman <simon@rozman.si>
