654c965851
Support for various peer action request extended
2016-10-27 10:00:18 +02:00
d87b3d37e5
Discrete output of credentials to event log centralized
2016-10-25 13:37:39 +02:00
abf54ad342
Doxygen documentation update
2016-10-25 08:51:04 +02:00
e7e1a6735d
pEapOutput Prefast specifier for process_request_packet() methods changed
2016-10-24 14:55:31 +02:00
a1f9a7bab9
ppResult >> pResult
2016-10-24 13:33:01 +02:00
7a26128c7b
"auto" simplified
2016-10-10 15:00:10 +02:00
e94e3bdd60
credentials::combine() methods updated with support for EAPMsg:
...
- Additional parameters
- Additional result code
- User impersonation now mounted inside of credentials::combine() when required
2016-10-10 14:31:23 +02:00
e8eec11618
EAP-TTLS inner method no longer needs to have support for configured credentials
2016-10-04 10:13:45 +02:00
c53ed21d55
Code clean-up
2016-10-03 14:54:02 +02:00
01245d15d9
ID 8. A typo in the comment from security audit resolved
2016-10-03 14:54:02 +02:00
ff4e8c6885
ID 7. Commented out parts of the code from security audit partially resolved
2016-10-03 14:54:02 +02:00
f0af016efe
ID 4. Possibility of method_tls class initialization list optimization from security audit fixed
2016-10-03 14:54:01 +02:00
559ffc5ead
ID 3. C style pointer casting from security audit fixed
2016-10-03 14:53:50 +02:00
28408fcea7
ID 2. Missing functionality from security audit report partially fixed
2016-10-03 14:52:57 +02:00
a1455078e9
Explicit server certificate check introduced
2016-10-03 14:51:45 +02:00
b6adb2a850
Common members from config_method_with_cred moved to parent config_method
2016-09-29 11:23:22 +02:00
79cc1af86f
Clean-up and XML handling enhancement:
...
- XML helper functions always return objects by winstd::com_obj or winstd::bstr reference now to ensure proper release by caller
- get_element_value()/put_element_value() can optionally return reference to the XML object if required
- WinStd macros to simplify dplhandle<> and handle<> inherited classes reused by non-copyable classes
2016-09-23 14:43:31 +02:00
aff9f4f9f0
Missing Event project dependencies added
2016-09-21 09:43:29 +02:00
0ab18017cd
Pre-shared >> Configured credentials, Own >> Stored credentials
2016-09-21 09:43:02 +02:00
641c9b6932
Credentials are no longer stored using method name (TLS/PAP/MSCHAPv2) but with level/type identifier
2016-09-06 15:39:41 +02:00
c765954c0f
"Last Authentication Failed" flag extended to support finer feedback, why last authentication failed
2016-09-06 14:10:02 +02:00
b255aa6505
EapPeerMethodResult's fIsSuccess and dwFailureReasonCode management revised to guarantee configuration gets saved
2016-09-06 09:57:34 +02:00
d83f5422d7
MSCHAPv2 almost finished...
2016-09-05 16:44:18 +02:00
c33c8b551b
Clean-up
2016-09-04 17:57:04 +02:00
bd7f3f4a38
Still trying to make Schannel resume sessions
2016-09-02 14:05:03 +02:00
621669828b
Schannel and ownTLS MSK derivation unified
2016-09-02 14:03:34 +02:00
00aee5bb78
ownTLS updated
2016-09-02 11:38:28 +02:00
198b9a576e
Maximum packet size parameter is now optional
2016-09-02 10:19:39 +02:00
566785192a
Requirement that eap::method processes EAP packets only dropped, work with non-EAP methods simplified
2016-09-02 09:50:21 +02:00
1c5f0b5c81
Graceful Schannel context shutdown added, but session resumption still does not work :(
2016-09-01 15:42:57 +02:00
56e2448f71
Clearing session resumption for ownTLS added.
...
(Have yet to learn how do you do this for Schannel. Better yet: How do you make Schannel resume a session in the first place.)
2016-09-01 14:59:03 +02:00
1e60d21860
On session reconnect skip inner re-authentication now
2016-09-01 12:49:20 +02:00
844b185887
EAP packet classes organized in hierarchy now
2016-09-01 10:25:33 +02:00
171e924dcf
Estimated flag to enable TLS 1.3 once available added
2016-08-31 18:40:28 +02:00
281c3ee083
Schannel tweaked to support TLS 1.2 now
...
(closes #16 )
2016-08-31 18:13:24 +02:00
c9be6f4f7b
Support for multiple identity providers of draft-winter-opsawg-eap-metadata XML configuration added
2016-08-31 14:39:27 +02:00
452fa4b9dc
Inserting single-occurrence XML elements with children simplified
2016-08-31 09:48:11 +02:00
68aec5dfb4
Namespace name is static member now
2016-08-31 08:43:03 +02:00
cafd786e19
Own TLS updated to keep it alive (now that the fuss around outer/inner methods settled)
2016-08-29 20:40:37 +02:00
a7c8052ee2
eap::method revised to support nesting, so the PAP method was made a stand-alone method
2016-08-29 20:05:58 +02:00
b6ae394eaf
User identity derived from certificate is using sAN2 and sAN extensions only now
2016-08-29 13:51:19 +02:00
79499d7afd
i and i disambiguation
2016-08-29 13:50:36 +02:00
df680e74f6
TLS credentials are considered empty regardless the state of custom identity setting now
2016-08-28 20:05:41 +02:00
fc5e54db05
Inner configuration/credential management virtualized to reduce cluttering code
2016-08-28 17:20:24 +02:00
9daa5b52a4
Incorrect letter case referencing EapHost service fixed
2016-08-27 06:58:57 +02:00
6077063599
The credentials are marked "invalid" at transition from handshake to application data phase only to prevent initial handshake problems from popping-up credential prompt when credentials have nothing to do with the connection failure.
2016-08-25 13:08:11 +02:00
2857b2edd2
First application data message is now appended piggyback to the last client handshake message
...
(Hopefully resolving issue with Radiator)
2016-08-25 13:00:47 +02:00
6760287f0d
Duplicate log record of EAP-TLS handshake removed
2016-08-25 12:58:56 +02:00
7973a8d59b
Handshake log events are a bit more specific now
2016-08-25 12:57:47 +02:00
d1c24efcf0
config_method_with_cred renamed to config_connection to describe it better
2016-08-24 11:39:37 +02:00
