bafbdec9d3
User interaction and EAP response attributes management delegated to eap::method
2016-10-14 10:34:14 +02:00
7a26128c7b
"auto" simplified
2016-10-10 15:00:10 +02:00
e40ee1c34b
Missing EapHost peer initialization added
2016-10-10 14:31:32 +02:00
e94e3bdd60
credentials::combine() methods updated with support for EAPMsg:
...
- Additional parameters
- Additional result code
- User impersonation now mounted inside of credentials::combine() when required
2016-10-10 14:31:23 +02:00
c660e2b3e6
config_method_with_cred::make_credentials() method moved to parent class config_method for seamless EAPMsg method support
2016-10-10 13:20:08 +02:00
583fc19da7
config_method_ttls::make_config_method() method modified to support EAPMsg
2016-10-04 12:12:46 +02:00
dab9e69dd3
Inner EAP method support progress continues...
2016-10-04 10:32:11 +02:00
2f49934a92
Some more C casting replaced with C++ dynamic casting
2016-10-04 10:20:01 +02:00
e8eec11618
EAP-TTLS inner method no longer needs to have support for configured credentials
2016-10-04 10:13:45 +02:00
03d6823241
Some more C casting replaced with C++ dynamic casting
2016-10-04 09:16:14 +02:00
c53ed21d55
Code clean-up
2016-10-03 14:54:02 +02:00
559ffc5ead
ID 3. C style pointer casting from security audit fixed
2016-10-03 14:53:50 +02:00
7924612419
ID 1. Variables shadowing from security audit report fixed
2016-10-03 14:52:44 +02:00
b6adb2a850
Common members from config_method_with_cred moved to parent config_method
2016-09-29 11:23:22 +02:00
7bc6494b4c
Amend to commit 2684c6b7de3ac62ce2edf04cb57a8345600e66f9
2016-09-28 11:25:35 +02:00
79cc1af86f
Clean-up and XML handling enhancement:
...
- XML helper functions always return objects by winstd::com_obj or winstd::bstr reference now to ensure proper release by caller
- get_element_value()/put_element_value() can optionally return reference to the XML object if required
- WinStd macros to simplify dplhandle<> and handle<> inherited classes reused by non-copyable classes
2016-09-23 14:43:31 +02:00
0ab18017cd
Pre-shared >> Configured credentials, Own >> Stored credentials
2016-09-21 09:43:02 +02:00
641c9b6932
Credentials are no longer stored using method name (TLS/PAP/MSCHAPv2) but with level/type identifier
2016-09-06 15:39:41 +02:00
b11cb3a5f2
MSCHAPv2 now functional
...
(closes #5 )
2016-09-06 14:10:46 +02:00
c765954c0f
"Last Authentication Failed" flag extended to support finer feedback, why last authentication failed
2016-09-06 14:10:02 +02:00
b7ed9d076f
When inner method admits its authentication (credentials) failed, failed authentication flag for outer method is cleared
2016-09-06 10:02:55 +02:00
b255aa6505
EapPeerMethodResult's fIsSuccess and dwFailureReasonCode management revised to guarantee configuration gets saved
2016-09-06 09:57:34 +02:00
d83f5422d7
MSCHAPv2 almost finished...
2016-09-05 16:44:18 +02:00
4076655e2e
MSCHAPv2 work continues...
2016-09-04 18:00:36 +02:00
e4e9604297
method_ttls::derive_challenge() introduced
2016-09-04 18:00:10 +02:00
765466f535
Missing memory-sanitation added
2016-09-04 17:57:59 +02:00
0095ebbff6
Provider identity is now coherent to draft-winter-opsawg-eap-metadata-02
2016-09-02 19:24:47 +02:00
a8070e9bba
Clean-up
2016-09-02 14:07:56 +02:00
621669828b
Schannel and ownTLS MSK derivation unified
2016-09-02 14:03:34 +02:00
00aee5bb78
ownTLS updated
2016-09-02 11:38:28 +02:00
198b9a576e
Maximum packet size parameter is now optional
2016-09-02 10:19:39 +02:00
566785192a
Requirement that eap::method processes EAP packets only dropped, work with non-EAP methods simplified
2016-09-02 09:50:21 +02:00
6c11b23267
MSCHAPv2 stub added - it's a PAP clone, so selecting it does PAP really
2016-09-01 14:59:40 +02:00
56e2448f71
Clearing session resumption for ownTLS added.
...
(Have yet to learn how do you do this for Schannel. Better yet: How do you make Schannel resume a session in the first place.)
2016-09-01 14:59:03 +02:00
1e60d21860
On session reconnect skip inner re-authentication now
2016-09-01 12:49:20 +02:00
844b185887
EAP packet classes organized in hierarchy now
2016-09-01 10:25:33 +02:00
ae66af02a2
After careful review of draft-winter-opsawg-eap-metadata the pre/post-processing of <OuterIdentity> was found inaccurate and has been dropped
2016-09-01 05:54:36 +02:00
60f1b4ccfb
Pre&post-processing of XML configuration introduced to allow draft-winter-opsawg-eap-metadata-02 compliant XML profiles on the outside, while maintaining internal simplicity
2016-08-31 16:33:19 +02:00
c9be6f4f7b
Support for multiple identity providers of draft-winter-opsawg-eap-metadata XML configuration added
2016-08-31 14:39:27 +02:00
452fa4b9dc
Inserting single-occurrence XML elements with children simplified
2016-08-31 09:48:11 +02:00
68aec5dfb4
Namespace name is static member now
2016-08-31 08:43:03 +02:00
5dfd079686
Support for multi-provider management added to GUI
2016-08-31 00:36:19 +02:00
cafd786e19
Own TLS updated to keep it alive (now that the fuss around outer/inner methods settled)
2016-08-29 20:40:37 +02:00
a7c8052ee2
eap::method revised to support nesting, so the PAP method was made a stand-alone method
2016-08-29 20:05:58 +02:00
aa7c5bebda
Outer and inner TTLS credentials are combined separately now to provide finer feedback for more accurate logging (again)
2016-08-29 09:27:32 +02:00
ceece01b99
In case of previously-failed authentication attempts we are more careful now not to request credential prompt for machine authentication
2016-08-29 09:25:38 +02:00
e66a7eb9ba
dePAPization continues to pave the road for seamless MSCHAPv2 integration
2016-08-28 20:04:45 +02:00
6c66862eed
TTLS config and credentials are now expected to always have inner config and credentials object present; it can be blank, but it must not be nullptr
2016-08-28 17:43:06 +02:00
fc5e54db05
Inner configuration/credential management virtualized to reduce cluttering code
2016-08-28 17:20:24 +02:00
d20aafb3ff
Identity selection revised to support cases where TLS certificate is present but contains no usable username
2016-08-28 16:38:13 +02:00
