4ae048fd9f
Auditing of CryptProtectData() enabled
2016-11-07 11:06:20 +01:00
b87e30bc9d
Some final adjustments to EapHost inner method code before I put it to rest because of RasMan MSCHAPv2 heap corruption :(
2016-11-03 10:11:31 +01:00
d234e55ae4
- Doxygen documentation updated
...
- Some minor issues stumbled upon fixed
- WIN1250 >> UTF-8
2016-11-02 01:25:38 +01:00
d87b3d37e5
Discrete output of credentials to event log centralized
2016-10-25 13:37:39 +02:00
7a26128c7b
"auto" simplified
2016-10-10 15:00:10 +02:00
e94e3bdd60
credentials::combine() methods updated with support for EAPMsg:
...
- Additional parameters
- Additional result code
- User impersonation now mounted inside of credentials::combine() when required
2016-10-10 14:31:23 +02:00
e8eec11618
EAP-TTLS inner method no longer needs to have support for configured credentials
2016-10-04 10:13:45 +02:00
559ffc5ead
ID 3. C style pointer casting from security audit fixed
2016-10-03 14:53:50 +02:00
79cc1af86f
Clean-up and XML handling enhancement:
...
- XML helper functions always return objects by winstd::com_obj or winstd::bstr reference now to ensure proper release by caller
- get_element_value()/put_element_value() can optionally return reference to the XML object if required
- WinStd macros to simplify dplhandle<> and handle<> inherited classes reused by non-copyable classes
2016-09-23 14:43:31 +02:00
0ab18017cd
Pre-shared >> Configured credentials, Own >> Stored credentials
2016-09-21 09:43:02 +02:00
641c9b6932
Credentials are no longer stored using method name (TLS/PAP/MSCHAPv2) but with level/type identifier
2016-09-06 15:39:41 +02:00
c9be6f4f7b
Support for multiple identity providers of draft-winter-opsawg-eap-metadata XML configuration added
2016-08-31 14:39:27 +02:00
452fa4b9dc
Inserting single-occurrence XML elements with children simplified
2016-08-31 09:48:11 +02:00
68aec5dfb4
Namespace name is static member now
2016-08-31 08:43:03 +02:00
b6ae394eaf
User identity derived from certificate is using sAN2 and sAN extensions only now
2016-08-29 13:51:19 +02:00
df680e74f6
TLS credentials are considered empty regardless the state of custom identity setting now
2016-08-28 20:05:41 +02:00
fc5e54db05
Inner configuration/credential management virtualized to reduce cluttering code
2016-08-28 17:20:24 +02:00
6835f5279c
Certificate (TLS) credentials support custom identity now
2016-08-24 11:03:18 +02:00
df1d431bd0
- TLS revised (again)
...
- TLS Session resumption issues resolved
- Credential prompt has "Remember" checkbox initially selected when credentials originate from Windows Credential Manager
- Last authentication attempt failure notice is more general and no longer insinuate user credentials are the likely cause of the failure
- Additional log messages added
2016-08-17 11:50:34 +02:00
d8ccf7cbc0
Credential management revised
2016-08-15 17:33:10 +02:00
e34d2ba275
Prefast declaration update
2016-08-15 15:10:42 +02:00
1bf51fda25
win_runtime_error moved to WinStd; eapxml functions return HRESULT now
2016-08-09 01:05:00 +02:00
b71e30f642
EAP_ERROR replaced with C++ exceptions for increased code readability
2016-08-08 22:59:17 +02:00
2aa4bce8cc
eap::config::m_module reference again
2016-08-06 07:01:12 +02:00
460adb9858
m_module is now a pointer instead of reference
2016-08-05 11:23:59 +02:00
35034789d2
String typing fixed
2016-07-21 12:34:49 +02:00
ee8410bdb9
credentials::target_suffix() is public now, as it can be reused to provide GUI method identifier
2016-07-21 12:33:32 +02:00
627b20aabc
pack() => operator <<, unpack() => operator >>, get_pk_size() => pksizeof()
2016-07-21 09:20:09 +02:00
51428d290f
Memory overflow detection when packing/unpacking BLOB added
2016-07-20 19:29:21 +02:00
ce0bbc5b45
config_method::m_preshared moved to heap, which in turn required shift to virtual methods for packing/unpacking BLOBs
2016-07-20 14:59:12 +02:00
3e82e988d4
Identity of digital certificates is correctly resolved now
2016-07-20 12:59:58 +02:00
512f46f014
pack/unpack & load/save nesting arranged all the way up to eap::config
2016-07-20 10:31:34 +02:00
a92cafea36
eap::credentials::get_name() method introduced to allow more detailed display of certificate names
2016-07-20 10:05:36 +02:00
4f6943044f
eap::credentials::m_identity replaced with virtual method get_identity()
2016-07-20 09:54:26 +02:00
4630b32f77
target_suffix() method is private now
2016-07-19 13:39:41 +02:00
4acabbca4e
Configuration and credentials logging introduced
2016-07-19 12:53:54 +02:00
922d0ac3d0
Additional RSA credential encryption replaced with product-specific entropy in user-specific encryption pass, to circumvent RSA data length limitation
2016-06-22 23:32:28 +02:00
a2ca2fd850
Logging and error reporting simplified
2016-06-21 13:15:50 +02:00
0c8492ccd1
CredProtect() replaced with CryptProtectData() << the former didn't work between normal and UAC-elevated processes: stored credentials are no longer valid and should be reentered
2016-06-20 16:37:48 +02:00
d430b63829
(Pre-shared) client certificates are no longer maintained by hash only
2016-06-16 00:29:56 +02:00
ec0b283540
Functions using EAP_ERROR descriptor return bool now for code simplicity
2016-06-15 22:59:52 +02:00
a9fdd1d71d
Support for pre-shared credentials introduced
2016-06-15 20:00:04 +02:00
df2fee4cef
Virtual method implementations moved to .cpp files
...
get_method_id() now const
2016-06-15 11:26:51 +02:00
9cf80108b5
Credential saving to XML introduced to support pre-shared credentials
2016-06-15 11:05:32 +02:00
e0460fa15b
Redundant sizeof(char) removed for code clarity
2016-06-15 10:52:23 +02:00
cf7ca9c8e9
EAP modules divided to libraries
2016-06-10 12:24:49 +02:00
