609d55cfeb
stdex: Update
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2022-03-07 11:46:45 +01:00
a2cab07a30
WinStd: Update
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2022-03-03 18:02:31 +01:00
19c523509b
Move Hex from WinStd to stdex
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2022-02-03 15:42:04 +01:00
a254dd527a
Move Base64 from WinStd to stdex
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2022-02-03 14:16:47 +01:00
5e7f55880a
Update Copyright and build year
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2022-01-07 11:21:33 +01:00
67805dc9d1
Add missing data length check
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2021-11-23 13:35:48 +01:00
b55ddd7d86
Update Copyright and build year
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2021-11-22 15:31:23 +01:00
b96ebfbce4
Switch to SPDX license notice
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2021-11-22 15:20:57 +01:00
1f6716b279
Cleanup WINSTD_NOVTABLE/__declspec(novtable)
...
This was originally intended as a compiler hint.
Signed-off-by: Simon Rozman <simon@rozman.si>
2021-11-19 15:48:06 +01:00
a6bdb42ece
Deprecate encrypted BLOB checksum
...
The MD5 checksum was calculated on unencrypted data. This offered a
possibility for a dictionary attack.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-05-13 08:26:07 +02:00
fdc1e5cb73
Resolve C5205 warning
...
Reference: https://developercommunity.visualstudio.com/content/problem/893960/compiling-atlsecurityh-raises-several-c5205-warnin.html
Reference: https://developercommunity.visualstudio.com/idea/937938/msvc-version-1650-preview-20-introduces-a-new-c-wa.html
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-04-14 08:51:34 +02:00
75488ba870
credentials: Move user impersonation to peer::get_identity()
...
To retrieve user credentials, EapHost provides us the interactive user's
token we can use to impersonate.
By doing the impersonation early in peer::get_identity(), we don't need
to pass the token down the lower methods. This is rather a
simplification than a performance optimization.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:57 +01:00
e8b1e157d9
module: Make make_config() pure virtual
...
It is important to implement this method in derived classes. When we
provided default implementation returning NULL, introducing new methods
might leave this method not implemented without a compiler error.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:57 +01:00
6511d826a0
peer: Move all generic methods upstream from peer_tls_base
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:57 +01:00
5b02352f1a
Resolve the make_...() methods
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:56 +01:00
1d558c939e
Rename method_tls_tunnel to method_tls and move upstream
...
CRL checking was also moved upstream as method_tls triggers it.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:37 +01:00
383a85c18b
method: Merge with method_tunnel
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:09:43 +01:00
c40f71462f
ui_context: Merge with ui_context_tls_tunnel
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:09:43 +01:00
4da7785490
method_eap: Refactor
...
Instead of delayed response packet generation, the
method_eap::process_request_packet() prepares the response packet. This
eliminates the state machine.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:53 +01:00
9d0e261bbe
method_eap: Add EAP Success/Failure support
...
Although, EapHost takes care for EAP Success and Failure packets for us,
it does so for the outer-most method only. When using EAP inside a TLS
tunnel, we are responsible for EAP Success and Failure packets ourselves.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:53 +01:00
e5e5f1c63e
method_eap: Support EAP identity exchange
...
Although, EapHost takes care for EAP identity exchange for us, it does
so for the outer-most method only. When using EAP inside a TLS tunnel,
we are responsible for EAP identity exchange ourselves.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:52 +01:00
1c295360fc
Double link inner-outer methods
...
This allows inner methods to access method_defrag to get negotiated
EAP-TTLS/PEAP protocol version.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:00 +01:00
9e9648c924
Make modules and methods non-copyable & non-movable
...
Modules and methods are never duplicated or moved in a memory. Moving
constructors and operators are dead code.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:42 +01:00
c4fc8d184a
config_method_with_cred: Move anonymous identity upstream
...
This might break BLOB backward compatibility.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:41 +01:00
5a7827e85e
Make enums scoped
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:38 +01:00
6db816cd60
Match enum forward declaration
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:52:44 +01:00
840e055bf6
Relocate data encryption key
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:52:44 +01:00
059710d83c
Update Copyright year
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-05 11:45:51 +01:00
fac33ee0b1
Remove UTF-8 BOM
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-11-28 17:04:16 +01:00
6fb5cb88d2
Address code analysis warnings
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-09-04 13:11:48 +02:00
2ce0c5d259
Optimize std::wstring (un)packing
...
The string is now converted to and from UTF-8 directly into or from
memory pointed by cursor. Extra buffer allocation and copy has been
dropped.
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-08-14 13:22:57 +02:00
f3cc5b6064
Fix typo
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-08-14 08:56:01 +02:00
8a093c645e
Make (un)packing of std C++ string explicit
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-08-14 08:55:32 +02:00
b3e5c93f4b
Add explicit constructors/operators to sanitizing_blob_(z)f
...
Otherwise the compiler might generate default ones - and delete them
too.
2018-09-05 14:32:03 +02:00
d2b66563e1
Fix incorrect template parameter tolerated by VC2010
2018-09-05 13:13:14 +02:00
e7e57abf52
Uninitialized enum higher bytes when reading as unsigned char fixed
2017-02-09 11:38:57 +01:00
66dd2bf283
eap::config split to eap::config and eap::packable
2017-02-07 09:33:29 +01:00
058ec398e6
__DANGEROUS__LOG_CONFIDENTIAL_DATA is now 0/1 #defined
2017-02-02 13:57:44 +01:00
6f049d2692
EAP_USE_NATIVE_CREDENTIAL_CACHE is now 0/1 #defined
2017-02-02 13:25:24 +01:00
191e4abd9c
eap::ui_context class for inter-process exchange introduced
2017-02-01 14:23:08 +01:00
386d852859
Clean-up
2017-02-01 13:11:27 +01:00
b632f0202f
get_ui_context() upgraded
2017-02-01 10:52:57 +01:00
57372b8f95
Simple BLOB encryption/decryption added & comment updates
2017-02-01 10:23:07 +01:00
172cd18c16
Missing namespace added
2017-02-01 09:54:17 +01:00
f9083dc300
eap::credentials reverted back to abstract class (25934dd8c70ca399ff4c58fd9a06319de81611f3 undone), and eap::credentials_identity introduced, since identity-only credentials must fail when <UserName> absent
2017-01-31 13:54:27 +01:00
25934dd8c7
eap::credentials no longer pure virtual to allow identity-only credentials (i.e. EAP-GTC).
2017-01-31 10:33:15 +01:00
dd144efa5f
New authentication status introduced: server compromised
2016-12-05 12:39:04 +01:00
e8d2e33aac
WideCharToMultiByte() and MultiByteToWideChar() optimization
2016-11-07 13:44:40 +01:00
3b6d2b2c14
Password and certificate output to log is no longer conditioned by _DEBUG
2016-11-07 10:48:13 +01:00
e7e484c814
Support for EapHost based inner methods has been (temporarily) disabled
2016-11-03 10:23:30 +01:00
