a6eac3beb4
Simple BLOB encryption/decryption added & comment updates
2017-02-01 10:28:04 +01:00
d82e22d188
Post-festum CRL checking introduced
2016-12-05 13:00:39 +01:00
e8d2e33aac
WideCharToMultiByte() and MultiByteToWideChar() optimization
2016-11-07 13:44:40 +01:00
6166dd3887
Reported events are more consistent now
2016-11-04 11:51:39 +01:00
d08b70c284
Last result status handling improved
2016-11-04 11:50:58 +01:00
7750ebdb66
MSCHAPv2 server challenge issue fixed
2016-11-04 11:49:01 +01:00
1fc2b7ff66
Redundant std::string to const char* conversion in exception constructors cleaned
2016-11-04 09:26:27 +01:00
88651e4ffe
EAP-MSCHAPv2 support finished
2016-11-04 09:16:43 +01:00
a450d02485
Maximum inner method packet length now precisely calculated in begin_session() methods too
2016-11-03 07:55:33 +01:00
fba3619747
eap::method_eapmsg initial testing and issue resolving
2016-11-02 11:04:48 +01:00
52a428bb5e
Various ownTLS leftover clean-up
2016-11-01 05:33:55 +01:00
c31e019cef
eap::metod thorough redesign:
...
- Support for method stacking introduced
- EAP-TLS method has been discontinued
- ownTLS has been discontinued
2016-10-31 16:58:53 +01:00
654c965851
Support for various peer action request extended
2016-10-27 10:00:18 +02:00
65ea47eb4e
EAPMsg >> EapHost
2016-10-25 08:51:13 +02:00
e7e1a6735d
pEapOutput Prefast specifier for process_request_packet() methods changed
2016-10-24 14:55:31 +02:00
2c91b6ca8c
pEapOutput Prefast specifier for set_response_attributes() methods changed
2016-10-24 14:42:56 +02:00
0d73e2f7a2
Incorrect pEapOutput in method::set_ui_context() methods fixed
2016-10-24 14:11:15 +02:00
a1f9a7bab9
ppResult >> pResult
2016-10-24 13:33:01 +02:00
bafbdec9d3
User interaction and EAP response attributes management delegated to eap::method
2016-10-14 10:34:14 +02:00
7a26128c7b
"auto" simplified
2016-10-10 15:00:10 +02:00
dab9e69dd3
Inner EAP method support progress continues...
2016-10-04 10:32:11 +02:00
2f49934a92
Some more C casting replaced with C++ dynamic casting
2016-10-04 10:20:01 +02:00
559ffc5ead
ID 3. C style pointer casting from security audit fixed
2016-10-03 14:53:50 +02:00
7924612419
ID 1. Variables shadowing from security audit report fixed
2016-10-03 14:52:44 +02:00
b6adb2a850
Common members from config_method_with_cred moved to parent config_method
2016-09-29 11:23:22 +02:00
641c9b6932
Credentials are no longer stored using method name (TLS/PAP/MSCHAPv2) but with level/type identifier
2016-09-06 15:39:41 +02:00
b11cb3a5f2
MSCHAPv2 now functional
...
(closes #5 )
2016-09-06 14:10:46 +02:00
c765954c0f
"Last Authentication Failed" flag extended to support finer feedback, why last authentication failed
2016-09-06 14:10:02 +02:00
b7ed9d076f
When inner method admits its authentication (credentials) failed, failed authentication flag for outer method is cleared
2016-09-06 10:02:55 +02:00
d83f5422d7
MSCHAPv2 almost finished...
2016-09-05 16:44:18 +02:00
4076655e2e
MSCHAPv2 work continues...
2016-09-04 18:00:36 +02:00
e4e9604297
method_ttls::derive_challenge() introduced
2016-09-04 18:00:10 +02:00
765466f535
Missing memory-sanitation added
2016-09-04 17:57:59 +02:00
a8070e9bba
Clean-up
2016-09-02 14:07:56 +02:00
621669828b
Schannel and ownTLS MSK derivation unified
2016-09-02 14:03:34 +02:00
00aee5bb78
ownTLS updated
2016-09-02 11:38:28 +02:00
198b9a576e
Maximum packet size parameter is now optional
2016-09-02 10:19:39 +02:00
566785192a
Requirement that eap::method processes EAP packets only dropped, work with non-EAP methods simplified
2016-09-02 09:50:21 +02:00
6c11b23267
MSCHAPv2 stub added - it's a PAP clone, so selecting it does PAP really
2016-09-01 14:59:40 +02:00
56e2448f71
Clearing session resumption for ownTLS added.
...
(Have yet to learn how do you do this for Schannel. Better yet: How do you make Schannel resume a session in the first place.)
2016-09-01 14:59:03 +02:00
1e60d21860
On session reconnect skip inner re-authentication now
2016-09-01 12:49:20 +02:00
844b185887
EAP packet classes organized in hierarchy now
2016-09-01 10:25:33 +02:00
cafd786e19
Own TLS updated to keep it alive (now that the fuss around outer/inner methods settled)
2016-08-29 20:40:37 +02:00
a7c8052ee2
eap::method revised to support nesting, so the PAP method was made a stand-alone method
2016-08-29 20:05:58 +02:00
9daa5b52a4
Incorrect letter case referencing EapHost service fixed
2016-08-27 06:58:57 +02:00
6077063599
The credentials are marked "invalid" at transition from handshake to application data phase only to prevent initial handshake problems from popping-up credential prompt when credentials have nothing to do with the connection failure.
2016-08-25 13:08:11 +02:00
d1c24efcf0
config_method_with_cred renamed to config_connection to describe it better
2016-08-24 11:39:37 +02:00
5332b538aa
Our own TLS merged back to master and compiles conditionally
2016-08-23 22:46:00 +02:00
9b997408a1
Switched to Schannel to do the TLS
2016-08-23 13:53:23 +02:00
df1d431bd0
- TLS revised (again)
...
- TLS Session resumption issues resolved
- Credential prompt has "Remember" checkbox initially selected when credentials originate from Windows Credential Manager
- Last authentication attempt failure notice is more general and no longer insinuate user credentials are the likely cause of the failure
- Additional log messages added
2016-08-17 11:50:34 +02:00
