c660e2b3e6
config_method_with_cred::make_credentials() method moved to parent class config_method for seamless EAPMsg method support
2016-10-10 13:20:08 +02:00
e8eec11618
EAP-TTLS inner method no longer needs to have support for configured credentials
2016-10-04 10:13:45 +02:00
c53ed21d55
Code clean-up
2016-10-03 14:54:02 +02:00
559ffc5ead
ID 3. C style pointer casting from security audit fixed
2016-10-03 14:53:50 +02:00
832af1b633
Support for KPH password encryption added
2016-09-27 11:44:04 +02:00
27ea8802e0
<Password> element is stored encrypted now in profile configuration XML
...
(closes #18 )
2016-09-26 10:20:14 +02:00
79cc1af86f
Clean-up and XML handling enhancement:
...
- XML helper functions always return objects by winstd::com_obj or winstd::bstr reference now to ensure proper release by caller
- get_element_value()/put_element_value() can optionally return reference to the XML object if required
- WinStd macros to simplify dplhandle<> and handle<> inherited classes reused by non-copyable classes
2016-09-23 14:43:31 +02:00
0ab18017cd
Pre-shared >> Configured credentials, Own >> Stored credentials
2016-09-21 09:43:02 +02:00
641c9b6932
Credentials are no longer stored using method name (TLS/PAP/MSCHAPv2) but with level/type identifier
2016-09-06 15:39:41 +02:00
0095ebbff6
Provider identity is now coherent to draft-winter-opsawg-eap-metadata-02
2016-09-02 19:24:47 +02:00
98bd9f1935
Clean-up
2016-09-01 09:04:39 +02:00
6b2a71cc63
<UserName> is no longer created for empty identities
2016-09-01 05:55:39 +02:00
d9bfcc3e49
Credential identities are more carefully prepared for display now
2016-08-31 16:50:12 +02:00
c9be6f4f7b
Support for multiple identity providers of draft-winter-opsawg-eap-metadata XML configuration added
2016-08-31 14:39:27 +02:00
68aec5dfb4
Namespace name is static member now
2016-08-31 08:43:03 +02:00
770b56e2cf
credentials::get_name() now distinguish between empty credentials and blank identity
2016-08-28 20:06:54 +02:00
8ce7154a77
Loading credentials from XML allows <UserName> absence and assumes blank identity in this case now
2016-08-28 15:46:30 +02:00
6835f5279c
Certificate (TLS) credentials support custom identity now
2016-08-24 11:03:18 +02:00
df1d431bd0
- TLS revised (again)
...
- TLS Session resumption issues resolved
- Credential prompt has "Remember" checkbox initially selected when credentials originate from Windows Credential Manager
- Last authentication attempt failure notice is more general and no longer insinuate user credentials are the likely cause of the failure
- Additional log messages added
2016-08-17 11:50:34 +02:00
d8ccf7cbc0
Credential management revised
2016-08-15 17:33:10 +02:00
e34d2ba275
Prefast declaration update
2016-08-15 15:10:42 +02:00
1bf51fda25
win_runtime_error moved to WinStd; eapxml functions return HRESULT now
2016-08-09 01:05:00 +02:00
b71e30f642
EAP_ERROR replaced with C++ exceptions for increased code readability
2016-08-08 22:59:17 +02:00
2aa4bce8cc
eap::config::m_module reference again
2016-08-06 07:01:12 +02:00
460adb9858
m_module is now a pointer instead of reference
2016-08-05 11:23:59 +02:00
4834c9e4da
credentials::get_name() fixed to return "<blank>" for empty credentials
2016-07-21 12:34:19 +02:00
627b20aabc
pack() => operator <<, unpack() => operator >>, get_pk_size() => pksizeof()
2016-07-21 09:20:09 +02:00
51428d290f
Memory overflow detection when packing/unpacking BLOB added
2016-07-20 19:29:21 +02:00
ce0bbc5b45
config_method::m_preshared moved to heap, which in turn required shift to virtual methods for packing/unpacking BLOBs
2016-07-20 14:59:12 +02:00
512f46f014
pack/unpack & load/save nesting arranged all the way up to eap::config
2016-07-20 10:31:34 +02:00
a92cafea36
eap::credentials::get_name() method introduced to allow more detailed display of certificate names
2016-07-20 10:05:36 +02:00
4f6943044f
eap::credentials::m_identity replaced with virtual method get_identity()
2016-07-20 09:54:26 +02:00
4acabbca4e
Configuration and credentials logging introduced
2016-07-19 12:53:54 +02:00
922d0ac3d0
Additional RSA credential encryption replaced with product-specific entropy in user-specific encryption pass, to circumvent RSA data length limitation
2016-06-22 23:32:28 +02:00
a2ca2fd850
Logging and error reporting simplified
2016-06-21 13:15:50 +02:00
0c8492ccd1
CredProtect() replaced with CryptProtectData() << the former didn't work between normal and UAC-elevated processes: stored credentials are no longer valid and should be reentered
2016-06-20 16:37:48 +02:00
e52b9a636f
Support for read-only configurations added
2016-06-20 14:51:21 +02:00
cda81dd696
Aesthetic modifications
2016-06-16 00:25:10 +02:00
ec0b283540
Functions using EAP_ERROR descriptor return bool now for code simplicity
2016-06-15 22:59:52 +02:00
a9fdd1d71d
Support for pre-shared credentials introduced
2016-06-15 20:00:04 +02:00
fed1e6052a
Encryption enhanced and moved to module
2016-06-15 14:20:12 +02:00
9cf80108b5
Credential saving to XML introduced to support pre-shared credentials
2016-06-15 11:05:32 +02:00
e0460fa15b
Redundant sizeof(char) removed for code clarity
2016-06-15 10:52:23 +02:00
822852c8b4
Password encryption/decryption moved to standalone methods to make reusable
2016-06-15 10:25:52 +02:00
cf7ca9c8e9
EAP modules divided to libraries
2016-06-10 12:24:49 +02:00