Amebis/GEANTLink
Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity
1,027 Commits 3 Branches 69 Tags
Commit Graph

204 Commits

Author SHA1 Message Date
Simon Rozman
19c523509b Move Hex from WinStd to stdex 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2022-02-03 15:42:04 +01:00
Simon Rozman
a254dd527a Move Base64 from WinStd to stdex 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2022-02-03 14:16:47 +01:00
Simon Rozman
6f92e82598 WinStd: Update 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2022-02-03 13:03:59 +01:00
Simon Rozman
5e7f55880a Update Copyright and build year 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2022-01-07 11:21:33 +01:00
Simon Rozman
0e7a9c7448 Redirect output files to the output folder 
Thou linker can locate the output .lib file of referenced projects
wherever .lib is just fine, this helps us to gather all .pdb files in
the output folder.

Signed-off-by: Simon Rozman <simon@rozman.si>
 2021-12-01 07:20:50 +01:00
Simon Rozman
0d905f414e Cleanup project files 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2021-12-01 06:28:32 +01:00
Simon Rozman
b55ddd7d86 Update Copyright and build year 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2021-11-22 15:31:23 +01:00
Simon Rozman
b96ebfbce4 Switch to SPDX license notice 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2021-11-22 15:20:57 +01:00
Simon Rozman
2862faba73 Fix UTF-8 encoding 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2021-11-20 08:14:44 +01:00
Simon Rozman
8c2225992e TLS: Revise Schannel flags 
- SCH_USE_STRONG_CRYPTO is now declared in the Windows SDK included with
  Visual Studio 2019. No need to enter this flag numerically any more.

- m_sc_ctx.initialize() and m_sc_ctx.process() should use same flags.
  They are actually. Rather than copy&paste them, declare them in a
  single place.

- Add ISC_REQ_USE_SUPPLIED_CREDS flag. Use the client certificate we
  supply or none at all.

- Add ISC_REQ_MANUAL_CRED_VALIDATION flag. We validate the server
  certificate.

Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:59 +01:00
Simon Rozman
8d42db2f56 TLS: Use protocol version enabled on the system by default 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:58 +01:00
Simon Rozman
4dad574377 Rename StdAfx.h to PCH.h 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:58 +01:00
Simon Rozman
3bd2d1fd09 credentials_tls: Update documentation 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:57 +01:00
Simon Rozman
d4c01a5345 config_method_tls: Cleanup 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:57 +01:00
Simon Rozman
6e97a04bfe credentials_tls: Keep thumbprint rather than client certificate 
By storing the client certificate the certificate became detached from
its private key stored in user certificate store. This rendered client
certificates useless for client TLS authentication.

Now, the client certificate thumbprint is stored instead. The client
certificate is looked up in the user certificate store as required.

This breaks profile XML and BLOB backward compatibility. Since the
client certificate support was broken, nobody probably used those in
the settings before.

Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:57 +01:00
Simon Rozman
75488ba870 credentials: Move user impersonation to peer::get_identity() 
To retrieve user credentials, EapHost provides us the interactive user's
token we can use to impersonate.

By doing the impersonation early in peer::get_identity(), we don't need
to pass the token down the lower methods. This is rather a
simplification than a performance optimization.

Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:57 +01:00
Simon Rozman
e2eb41e811 credentials_tls: Use WinCrypt to get client certificate name 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:57 +01:00
Simon Rozman
6511d826a0 peer: Move all generic methods upstream from peer_tls_base 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:57 +01:00
Simon Rozman
5b02352f1a Resolve the make_...() methods 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:56 +01:00
Simon Rozman
5195b79eed method_ttls: Reintroduce 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:56 +01:00
Simon Rozman
d400901c52 Rename peer_tls to peer_tls_base 
peer_tls is actually not a complete EAP-TLS implementation.

Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:38 +01:00
Simon Rozman
570eb83558 peer_tls: Move all applicable methods upstream to make reusable 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:38 +01:00
Simon Rozman
1d558c939e Rename method_tls_tunnel to method_tls and move upstream 
CRL checking was also moved upstream as method_tls triggers it.

Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:10:37 +01:00
Simon Rozman
5c0299197b method_defrag: Move upstream to make reusable 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-07 13:09:43 +01:00
Simon Rozman
b3291ff8b1 Remove excessive UTF-8 BOM marker 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-06 11:53:41 +01:00
Simon Rozman
1cc7b1a3a0 Simplify .vcxproj and .props 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-06 11:53:39 +01:00
Simon Rozman
5a7827e85e Make enums scoped 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-06 11:53:38 +01:00
Simon Rozman
059710d83c Update Copyright year 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2020-02-05 11:45:51 +01:00
Simon Rozman
fac33ee0b1 Remove UTF-8 BOM 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2019-11-28 17:04:16 +01:00
Simon Rozman
6fb5cb88d2 Address code analysis warnings 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2019-09-04 13:11:48 +02:00
Simon Rozman
0e69fb175c Upgrade to Visual Studio 2019 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2019-06-14 10:54:41 +02:00
Simon Rozman
5a82dc2a25 Unify LPCBYTE 
Signed-off-by: Simon Rozman <simon@rozman.si>
 2019-06-14 09:57:48 +02:00
Simon Rozman
1879d00bf9 Add support for ARM64 platform 2018-09-07 10:39:20 +02:00
Simon Rozman
0602285220 Switch to Visual Studio 2017 2018-09-05 14:56:08 +02:00
Simon Rozman
4ae048fd9f Auditing of CryptProtectData() enabled 2016-11-07 11:06:20 +01:00
Simon Rozman
48ba0b3664 Typo in documentation fixed 2016-11-03 11:11:54 +01:00
Simon Rozman
b87e30bc9d Some final adjustments to EapHost inner method code before I put it to rest because of RasMan MSCHAPv2 heap corruption :( 2016-11-03 10:11:31 +01:00
Simon Rozman
d234e55ae4 - Doxygen documentation updated 
- Some minor issues stumbled upon fixed
- WIN1250 >> UTF-8
 2016-11-02 01:25:38 +01:00
Simon Rozman
52a428bb5e Various ownTLS leftover clean-up 2016-11-01 05:33:55 +01:00
Simon Rozman
c31e019cef eap::metod thorough redesign: 
- Support for method stacking introduced
- EAP-TLS method has been discontinued
- ownTLS has been discontinued
 2016-10-31 16:58:53 +01:00
Simon Rozman
af56825d39 Code clean-up 2016-10-28 13:50:30 +02:00
Simon Rozman
f5a40f7ca8 Doxygen update 2016-10-28 13:47:59 +02:00
Simon Rozman
654c965851 Support for various peer action request extended 2016-10-27 10:00:18 +02:00
Simon Rozman
d87b3d37e5 Discrete output of credentials to event log centralized 2016-10-25 13:37:39 +02:00
Simon Rozman
abf54ad342 Doxygen documentation update 2016-10-25 08:51:04 +02:00
Simon Rozman
e7e1a6735d pEapOutput Prefast specifier for process_request_packet() methods changed 2016-10-24 14:55:31 +02:00
Simon Rozman
a1f9a7bab9 ppResult >> pResult 2016-10-24 13:33:01 +02:00
Simon Rozman
7a26128c7b "auto" simplified 2016-10-10 15:00:10 +02:00
Simon Rozman
e94e3bdd60 credentials::combine() methods updated with support for EAPMsg: 
- Additional parameters
- Additional result code
- User impersonation now mounted inside of credentials::combine() when required
 2016-10-10 14:31:23 +02:00
Simon Rozman
e8eec11618 EAP-TTLS inner method no longer needs to have support for configured credentials 2016-10-04 10:13:45 +02:00