b55ddd7d86
Update Copyright and build year
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2021-11-22 15:31:23 +01:00
b96ebfbce4
Switch to SPDX license notice
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2021-11-22 15:20:57 +01:00
a6bdb42ece
Deprecate encrypted BLOB checksum
...
The MD5 checksum was calculated on unencrypted data. This offered a
possibility for a dictionary attack.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-05-13 08:26:07 +02:00
0aab5f2e94
UI touch-up
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:58 +01:00
4dad574377
Rename StdAfx.h to PCH.h
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:58 +01:00
75488ba870
credentials: Move user impersonation to peer::get_identity()
...
To retrieve user credentials, EapHost provides us the interactive user's
token we can use to impersonate.
By doing the impersonation early in peer::get_identity(), we don't need
to pass the token down the lower methods. This is rather a
simplification than a performance optimization.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:57 +01:00
5a7827e85e
Make enums scoped
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:38 +01:00
059710d83c
Update Copyright year
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-05 11:45:51 +01:00
fac33ee0b1
Remove UTF-8 BOM
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-11-28 17:04:16 +01:00
6fb5cb88d2
Address code analysis warnings
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-09-04 13:11:48 +02:00
366e08899b
Review implicit narrowing conversions
2018-09-05 14:29:49 +02:00
352ad4f9d2
Stop using <> parentheses to avoid XML/HTML markup
...
Transifex treats strings enclosed in <> as HTML.
2018-06-20 14:59:52 +02:00
f9083dc300
eap::credentials reverted back to abstract class (25934dd8c70ca399ff4c58fd9a06319de81611f3 undone), and eap::credentials_identity introduced, since identity-only credentials must fail when <UserName> absent
2017-01-31 13:54:27 +01:00
25934dd8c7
eap::credentials no longer pure virtual to allow identity-only credentials (i.e. EAP-GTC).
2017-01-31 10:33:15 +01:00
e8d2e33aac
WideCharToMultiByte() and MultiByteToWideChar() optimization
2016-11-07 13:44:40 +01:00
4ae048fd9f
Auditing of CryptProtectData() enabled
2016-11-07 11:06:20 +01:00
1fc2b7ff66
Redundant std::string to const char* conversion in exception constructors cleaned
2016-11-04 09:26:27 +01:00
60aa513375
Aesthetic modifications
2016-11-03 09:33:25 +01:00
d234e55ae4
- Doxygen documentation updated
...
- Some minor issues stumbled upon fixed
- WIN1250 >> UTF-8
2016-11-02 01:25:38 +01:00
d87b3d37e5
Discrete output of credentials to event log centralized
2016-10-25 13:37:39 +02:00
7a26128c7b
"auto" simplified
2016-10-10 15:00:10 +02:00
e94e3bdd60
credentials::combine() methods updated with support for EAPMsg:
...
- Additional parameters
- Additional result code
- User impersonation now mounted inside of credentials::combine() when required
2016-10-10 14:31:23 +02:00
c660e2b3e6
config_method_with_cred::make_credentials() method moved to parent class config_method for seamless EAPMsg method support
2016-10-10 13:20:08 +02:00
e8eec11618
EAP-TTLS inner method no longer needs to have support for configured credentials
2016-10-04 10:13:45 +02:00
c53ed21d55
Code clean-up
2016-10-03 14:54:02 +02:00
559ffc5ead
ID 3. C style pointer casting from security audit fixed
2016-10-03 14:53:50 +02:00
832af1b633
Support for KPH password encryption added
2016-09-27 11:44:04 +02:00
27ea8802e0
<Password> element is stored encrypted now in profile configuration XML
...
(closes #18 )
2016-09-26 10:20:14 +02:00
79cc1af86f
Clean-up and XML handling enhancement:
...
- XML helper functions always return objects by winstd::com_obj or winstd::bstr reference now to ensure proper release by caller
- get_element_value()/put_element_value() can optionally return reference to the XML object if required
- WinStd macros to simplify dplhandle<> and handle<> inherited classes reused by non-copyable classes
2016-09-23 14:43:31 +02:00
0ab18017cd
Pre-shared >> Configured credentials, Own >> Stored credentials
2016-09-21 09:43:02 +02:00
641c9b6932
Credentials are no longer stored using method name (TLS/PAP/MSCHAPv2) but with level/type identifier
2016-09-06 15:39:41 +02:00
0095ebbff6
Provider identity is now coherent to draft-winter-opsawg-eap-metadata-02
2016-09-02 19:24:47 +02:00
98bd9f1935
Clean-up
2016-09-01 09:04:39 +02:00
6b2a71cc63
<UserName> is no longer created for empty identities
2016-09-01 05:55:39 +02:00
d9bfcc3e49
Credential identities are more carefully prepared for display now
2016-08-31 16:50:12 +02:00
c9be6f4f7b
Support for multiple identity providers of draft-winter-opsawg-eap-metadata XML configuration added
2016-08-31 14:39:27 +02:00
68aec5dfb4
Namespace name is static member now
2016-08-31 08:43:03 +02:00
770b56e2cf
credentials::get_name() now distinguish between empty credentials and blank identity
2016-08-28 20:06:54 +02:00
8ce7154a77
Loading credentials from XML allows <UserName> absence and assumes blank identity in this case now
2016-08-28 15:46:30 +02:00
6835f5279c
Certificate (TLS) credentials support custom identity now
2016-08-24 11:03:18 +02:00
df1d431bd0
- TLS revised (again)
...
- TLS Session resumption issues resolved
- Credential prompt has "Remember" checkbox initially selected when credentials originate from Windows Credential Manager
- Last authentication attempt failure notice is more general and no longer insinuate user credentials are the likely cause of the failure
- Additional log messages added
2016-08-17 11:50:34 +02:00
d8ccf7cbc0
Credential management revised
2016-08-15 17:33:10 +02:00
e34d2ba275
Prefast declaration update
2016-08-15 15:10:42 +02:00
1bf51fda25
win_runtime_error moved to WinStd; eapxml functions return HRESULT now
2016-08-09 01:05:00 +02:00
b71e30f642
EAP_ERROR replaced with C++ exceptions for increased code readability
2016-08-08 22:59:17 +02:00
2aa4bce8cc
eap::config::m_module reference again
2016-08-06 07:01:12 +02:00
460adb9858
m_module is now a pointer instead of reference
2016-08-05 11:23:59 +02:00
4834c9e4da
credentials::get_name() fixed to return "<blank>" for empty credentials
2016-07-21 12:34:19 +02:00
627b20aabc
pack() => operator <<, unpack() => operator >>, get_pk_size() => pksizeof()
2016-07-21 09:20:09 +02:00
51428d290f
Memory overflow detection when packing/unpacking BLOB added
2016-07-20 19:29:21 +02:00
