fdc1e5cb73
Resolve C5205 warning
...
Reference: https://developercommunity.visualstudio.com/content/problem/893960/compiling-atlsecurityh-raises-several-c5205-warnin.html
Reference: https://developercommunity.visualstudio.com/idea/937938/msvc-version-1650-preview-20-introduces-a-new-c-wa.html
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-04-14 08:51:34 +02:00
0aab5f2e94
UI touch-up
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:58 +01:00
4dad574377
Rename StdAfx.h to PCH.h
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:58 +01:00
75488ba870
credentials: Move user impersonation to peer::get_identity()
...
To retrieve user credentials, EapHost provides us the interactive user's
token we can use to impersonate.
By doing the impersonation early in peer::get_identity(), we don't need
to pass the token down the lower methods. This is rather a
simplification than a performance optimization.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:57 +01:00
6511d826a0
peer: Move all generic methods upstream from peer_tls_base
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:57 +01:00
5b02352f1a
Resolve the make_...() methods
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:56 +01:00
1d558c939e
Rename method_tls_tunnel to method_tls and move upstream
...
CRL checking was also moved upstream as method_tls triggers it.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:10:37 +01:00
383a85c18b
method: Merge with method_tunnel
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:09:43 +01:00
c40f71462f
ui_context: Merge with ui_context_tls_tunnel
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:09:43 +01:00
bef455e5a6
method_defrag: Check minimum send packet size and revise the calculation
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:09:43 +01:00
4da7785490
method_eap: Refactor
...
Instead of delayed response packet generation, the
method_eap::process_request_packet() prepares the response packet. This
eliminates the state machine.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:53 +01:00
7caa4b12a6
method_eap: tolerate empty request packets
...
TLS methods call process_request_packet(NULL, 0) to check on the inner
method for the payload to piggyback on the final handshake response.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:53 +01:00
2282a2c45f
Explicitly check buffer length before touching it and unify exception
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:53 +01:00
9d0e261bbe
method_eap: Add EAP Success/Failure support
...
Although, EapHost takes care for EAP Success and Failure packets for us,
it does so for the outer-most method only. When using EAP inside a TLS
tunnel, we are responsible for EAP Success and Failure packets ourselves.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:53 +01:00
e5e5f1c63e
method_eap: Support EAP identity exchange
...
Although, EapHost takes care for EAP identity exchange for us, it does
so for the outer-most method only. When using EAP inside a TLS tunnel,
we are responsible for EAP identity exchange ourselves.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:52 +01:00
1c295360fc
Double link inner-outer methods
...
This allows inner methods to access method_defrag to get negotiated
EAP-TTLS/PEAP protocol version.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-07 13:07:00 +01:00
f4e8ba88ae
Omit "B" from reported sizes
...
There should be a space between the number and a unit. Since everything
is always reported in bytes, there is no need to have a unit.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:42 +01:00
9e9648c924
Make modules and methods non-copyable & non-movable
...
Modules and methods are never duplicated or moved in a memory. Moving
constructors and operators are dead code.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:42 +01:00
c4fc8d184a
config_method_with_cred: Move anonymous identity upstream
...
This might break BLOB backward compatibility.
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:41 +01:00
8b66c7ad8d
Parameterize EAP method author ID
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:40 +01:00
32254864d5
Remove std::move on const members
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:39 +01:00
5a7827e85e
Make enums scoped
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:53:38 +01:00
840e055bf6
Relocate data encryption key
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-06 11:52:44 +01:00
059710d83c
Update Copyright year
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-02-05 11:45:51 +01:00
fac33ee0b1
Remove UTF-8 BOM
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-11-28 17:04:16 +01:00
6fb5cb88d2
Address code analysis warnings
...
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-09-04 13:11:48 +02:00
366e08899b
Review implicit narrowing conversions
2018-09-05 14:29:49 +02:00
352ad4f9d2
Stop using <> parentheses to avoid XML/HTML markup
...
Transifex treats strings enclosed in <> as HTML.
2018-06-20 14:59:52 +02:00
66dd2bf283
eap::config split to eap::config and eap::packable
2017-02-07 09:33:29 +01:00
191e4abd9c
eap::ui_context class for inter-process exchange introduced
2017-02-01 14:23:08 +01:00
b632f0202f
get_ui_context() upgraded
2017-02-01 10:52:57 +01:00
f9083dc300
eap::credentials reverted back to abstract class (25934dd8c70ca399ff4c58fd9a06319de81611f3 undone), and eap::credentials_identity introduced, since identity-only credentials must fail when <UserName> absent
2017-01-31 13:54:27 +01:00
cbe831f9f6
EAP errors now correctly displayed in Event Viewer
2017-01-31 12:36:24 +01:00
25934dd8c7
eap::credentials no longer pure virtual to allow identity-only credentials (i.e. EAP-GTC).
2017-01-31 10:33:15 +01:00
a2a87ddc4c
Additional clarification of UI context handling
2017-01-30 14:49:09 +01:00
e8d2e33aac
WideCharToMultiByte() and MultiByteToWideChar() optimization
2016-11-07 13:44:40 +01:00
4ae048fd9f
Auditing of CryptProtectData() enabled
2016-11-07 11:06:20 +01:00
1fc2b7ff66
Redundant std::string to const char* conversion in exception constructors cleaned
2016-11-04 09:26:27 +01:00
fa3e7c0e6d
Issue with passing wrong EAP type packet to tunneled method introduced in 70ce94b84ea2c58f3e6b857f9aac58218264433d fixed
2016-11-03 11:22:05 +01:00
60aa513375
Aesthetic modifications
2016-11-03 09:33:25 +01:00
a450d02485
Maximum inner method packet length now precisely calculated in begin_session() methods too
2016-11-03 07:55:33 +01:00
70ce94b84e
Support for Legacy Nak introduced
2016-11-02 11:36:43 +01:00
d234e55ae4
- Doxygen documentation updated
...
- Some minor issues stumbled upon fixed
- WIN1250 >> UTF-8
2016-11-02 01:25:38 +01:00
52a428bb5e
Various ownTLS leftover clean-up
2016-11-01 05:33:55 +01:00
c31e019cef
eap::metod thorough redesign:
...
- Support for method stacking introduced
- EAP-TLS method has been discontinued
- ownTLS has been discontinued
2016-10-31 16:58:53 +01:00
b054dcdc7a
eap::diameter_avp_append() set of functions introduced
2016-10-31 16:28:38 +01:00
0d8f243d31
eap::module::make_error() extended to support EAP_ERROR duplication
2016-10-31 16:23:42 +01:00
55f160bce3
Code clean-up
2016-10-27 13:59:08 +02:00
654c965851
Support for various peer action request extended
2016-10-27 10:00:18 +02:00
d87b3d37e5
Discrete output of credentials to event log centralized
2016-10-25 13:37:39 +02:00
