Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Compare commits

base: Amebis:1.0-alpha13
Branches Tags
Amebis:master Amebis:ver1.0 Amebis:ver1.1
Amebis:1.3g Amebis:1.3f Amebis:1.3e Amebis:1.3d Amebis:1.3c Amebis:1.3b Amebis:1.3a Amebis:1.3 Amebis:1.2g Amebis:1.2f Amebis:1.1h Amebis:1.0i Amebis:1.2e Amebis:1.1g Amebis:1.0h Amebis:1.2d Amebis:1.1f Amebis:1.0g Amebis:1.2c Amebis:1.1e Amebis:1.0f Amebis:1.2b Amebis:1.1d Amebis:1.0e Amebis:1.2a Amebis:1.1c Amebis:1.0d Amebis:1.2 Amebis:1.1b Amebis:1.0c Amebis:1.2-beta2 Amebis:1.2-beta1 Amebis:1.2-beta Amebis:1.1a Amebis:1.0b Amebis:1.1 Amebis:1.1-beta2 Amebis:1.1-beta1 Amebis:1.0a Amebis:1.1-beta Amebis:1.0 Amebis:1.0-beta8 Amebis:1.0-beta7 Amebis:1.0-beta6 Amebis:1.0-beta5 Amebis:1.0-beta4 Amebis:1.0-beta3 Amebis:1.0-beta2 Amebis:1.0-beta1 Amebis:1.0-beta Amebis:1.0-alpha17 Amebis:1.0-alpha16 Amebis:1.0-alpha15 Amebis:1.0-alpha14 Amebis:1.0-alpha13 Amebis:1.0-alpha12 Amebis:1.0-alpha11 Amebis:1.0-alpha10 Amebis:1.0-alpha10-owntls Amebis:1.0-alpha9 Amebis:1.0-alpha8 Amebis:1.0-alpha7 Amebis:1.0-alpha6 Amebis:1.0-alpha5 Amebis:1.0-alpha4 Amebis:1.0-alpha3 Amebis:1.0-alpha2 Amebis:1.0-alpha1 Amebis:1.0-alpha0
..
compare: Amebis:1.0-alpha16
Branches Tags
Amebis:master Amebis:ver1.0 Amebis:ver1.1
Amebis:1.3g Amebis:1.3f Amebis:1.3e Amebis:1.3d Amebis:1.3c Amebis:1.3b Amebis:1.3a Amebis:1.3 Amebis:1.2g Amebis:1.2f Amebis:1.1h Amebis:1.0i Amebis:1.2e Amebis:1.1g Amebis:1.0h Amebis:1.2d Amebis:1.1f Amebis:1.0g Amebis:1.2c Amebis:1.1e Amebis:1.0f Amebis:1.2b Amebis:1.1d Amebis:1.0e Amebis:1.2a Amebis:1.1c Amebis:1.0d Amebis:1.2 Amebis:1.1b Amebis:1.0c Amebis:1.2-beta2 Amebis:1.2-beta1 Amebis:1.2-beta Amebis:1.1a Amebis:1.0b Amebis:1.1 Amebis:1.1-beta2 Amebis:1.1-beta1 Amebis:1.0a Amebis:1.1-beta Amebis:1.0 Amebis:1.0-beta8 Amebis:1.0-beta7 Amebis:1.0-beta6 Amebis:1.0-beta5 Amebis:1.0-beta4 Amebis:1.0-beta3 Amebis:1.0-beta2 Amebis:1.0-beta1 Amebis:1.0-beta Amebis:1.0-alpha17 Amebis:1.0-alpha16 Amebis:1.0-alpha15 Amebis:1.0-alpha14 Amebis:1.0-alpha13 Amebis:1.0-alpha12 Amebis:1.0-alpha11 Amebis:1.0-alpha10 Amebis:1.0-alpha10-owntls Amebis:1.0-alpha9 Amebis:1.0-alpha8 Amebis:1.0-alpha7 Amebis:1.0-alpha6 Amebis:1.0-alpha5 Amebis:1.0-alpha4 Amebis:1.0-alpha3 Amebis:1.0-alpha2 Amebis:1.0-alpha1 Amebis:1.0-alpha0

53 Commits
1.0-alpha1 ... 1.0-alpha1

Author SHA1 Message Date
Simon Rozman
2339b6b347 Version set to 1.0-alpha16 2016-08-31 18:40:45 +02:00
Simon Rozman
171e924dcf Estimated flag to enable TLS 1.3 once available added 2016-08-31 18:40:28 +02:00
Simon Rozman
281c3ee083 Schannel tweaked to support TLS 1.2 now 
(closes #16)
 2016-08-31 18:13:24 +02:00
Simon Rozman
145c21682e Support for configuring provider ID using GUI added 2016-08-31 17:41:22 +02:00
Simon Rozman
0d221d4401 wxWidgets initialization reference counter introduced to prevent second initialization, as we recorded a case where EapHost called our GUI twice in the same DllHost.exe process. 2016-08-31 17:13:59 +02:00
Simon Rozman
d9bfcc3e49 Credential identities are more carefully prepared for display now 2016-08-31 16:50:12 +02:00
Simon Rozman
60f1b4ccfb Pre&post-processing of XML configuration introduced to allow draft-winter-opsawg-eap-metadata-02 compliant XML profiles on the outside, while maintaining internal simplicity 2016-08-31 16:33:19 +02:00
Simon Rozman
c9be6f4f7b Support for multiple identity providers of draft-winter-opsawg-eap-metadata XML configuration added 2016-08-31 14:39:27 +02:00
Simon Rozman
452fa4b9dc Inserting single-occurrence XML elements with children simplified 2016-08-31 09:48:11 +02:00
Simon Rozman
68aec5dfb4 Namespace name is static member now 2016-08-31 08:43:03 +02:00
Simon Rozman
3f49f3e975 Event Monitor shortcut description dropped as it will not be localized 2016-08-31 02:53:19 +02:00
Simon Rozman
04213715b0 UI texts updated 2016-08-31 01:25:44 +02:00
Simon Rozman
510bbe10f6 Template for creating XML configuration simplified 2016-08-31 00:41:16 +02:00
Simon Rozman
5dfd079686 Support for multi-provider management added to GUI 2016-08-31 00:36:19 +02:00
Simon Rozman
858486412e Confusion between provider ID and provider name resolved 2016-08-30 21:10:10 +02:00
Simon Rozman
8b266f086f Code clean-up 2016-08-30 17:44:21 +02:00
Simon Rozman
c40306c624 <Error getting property (error 13)> issue with log parameters solved 2016-08-30 17:43:56 +02:00
Simon Rozman
24c10b592b Version set to 1.0-alpha15 2016-08-29 20:47:01 +02:00
Simon Rozman
cafd786e19 Own TLS updated to keep it alive (now that the fuss around outer/inner methods settled) 2016-08-29 20:40:37 +02:00
Simon Rozman
a7c8052ee2 eap::method revised to support nesting, so the PAP method was made a stand-alone method 2016-08-29 20:05:58 +02:00
Simon Rozman
a33da0d8d5 CredWrite stores an empty set of credentials for TLS now, avoiding initial credential prompt 2016-08-29 15:11:58 +02:00
Simon Rozman
91f87aa3c7 WLANManager is deployed separately now 2016-08-29 15:10:27 +02:00
Simon Rozman
b6ae394eaf User identity derived from certificate is using sAN2 and sAN extensions only now 2016-08-29 13:51:19 +02:00
Simon Rozman
79499d7afd i and i disambiguation 2016-08-29 13:50:36 +02:00
Simon Rozman
92f05817fe A desperate attempt to make events shown on non-English Windows 2016-08-29 13:14:09 +02:00
Simon Rozman
a85833d41d Stale resource cleanup 2016-08-29 12:05:39 +02:00
Simon Rozman
8a8e6d08e0 Events.dll have missing VERSIONINFO resource now 2016-08-29 11:58:10 +02:00
Simon Rozman
aa7c5bebda Outer and inner TTLS credentials are combined separately now to provide finer feedback for more accurate logging (again) 2016-08-29 09:27:32 +02:00
Simon Rozman
ceece01b99 In case of previously-failed authentication attempts we are more careful now not to request credential prompt for machine authentication 2016-08-29 09:25:38 +02:00
Simon Rozman
1d46db348a Sub-module update 2016-08-29 09:23:50 +02:00
Simon Rozman
48a7ce91c3 UI text updated 2016-08-28 23:14:59 +02:00
Simon Rozman
75892b78c0 Version set to 1.0-alpha14 2016-08-28 23:00:27 +02:00
Simon Rozman
7c938fe291 OnUpdateUI() event handlers optimized to reduce ridiculous CPU consumption of GUI & Incorrect page-provider mapping in wxEAPConfigDialog<> fixed 2016-08-28 22:58:41 +02:00
Simon Rozman
497f4eca8a wxEAPCredentialsConfigPanel upgraded to use full retrieval of credentials from the store, allowing certificate credentials to display their name again 2016-08-28 20:11:10 +02:00
Simon Rozman
770b56e2cf credentials::get_name() now distinguish between empty credentials and blank identity 2016-08-28 20:06:54 +02:00
Simon Rozman
df680e74f6 TLS credentials are considered empty regardless the state of custom identity setting now 2016-08-28 20:05:41 +02:00
Simon Rozman
e66a7eb9ba dePAPization continues to pave the road for seamless MSCHAPv2 integration 2016-08-28 20:04:45 +02:00
Simon Rozman
6c66862eed TTLS config and credentials are now expected to always have inner config and credentials object present; it can be blank, but it must not be nullptr 2016-08-28 17:43:06 +02:00
Simon Rozman
fc5e54db05 Inner configuration/credential management virtualized to reduce cluttering code 2016-08-28 17:20:24 +02:00
Simon Rozman
d20aafb3ff Identity selection revised to support cases where TLS certificate is present but contains no usable username 2016-08-28 16:38:13 +02:00
Simon Rozman
8ce7154a77 Loading credentials from XML allows <UserName> absence and assumes blank identity in this case now 2016-08-28 15:46:30 +02:00
Simon Rozman
d926ea66b0 Sub-module update 2016-08-28 13:42:47 +02:00
Simon Rozman
3baa77d3bb WLANManager utility introduced 
(closes #7)
 2016-08-28 12:22:04 +02:00
Simon Rozman
25eb6d8d72 32-bit C++ compiler warning resolved 2016-08-27 21:18:06 +02:00
Simon Rozman
349508701c Support for localization added to MSI setup 
(closes #9)
 2016-08-27 21:17:46 +02:00
Simon Rozman
9f770bbb3f peer_ttls_ui now initializes wxWidgets further to support localization 2016-08-27 17:54:00 +02:00
Simon Rozman
bc1c56174a UI language in registry is ll_CC format now 2016-08-27 17:28:30 +02:00
Simon Rozman
db585975e8 Saving event source set to registry simplified to reduce registry clutter 2016-08-27 17:22:28 +02:00
Simon Rozman
8bf99423c8 Slovenian localization files added 2016-08-27 16:47:48 +02:00
Simon Rozman
249c4db1de Default column widths adjusted to better fit the content initially 2016-08-27 16:42:39 +02:00
Simon Rozman
3dd8f26c94 Registry settings key names changed as separate manufacturer name introduced 2016-08-27 16:41:26 +02:00
Simon Rozman
4a9d496ba1 Log trace control named for more logical name of settings in registry 2016-08-27 15:49:54 +02:00
Simon Rozman
6f5bbeffa2 UI text updated 2016-08-27 15:45:31 +02:00
100 changed files with 5063 additions and 1317 deletions
Expand all files Collapse all files

3
CredWrite/CredWrite.vcxproj
View File

@@ -107,6 +107,9 @@
<ProjectReference Include="..\lib\PAP\build\PAP.vcxproj">
<Project>{36b0cf8a-7794-46c3-8099-825ba962b4c7}</Project>
</ProjectReference>
<ProjectReference Include="..\lib\TLS\build\TLS.vcxproj">
<Project>{4d40cb8a-812e-4f12-b23a-31af743878e8}</Project>
</ProjectReference>
<ProjectReference Include="..\lib\WinStd\build\WinStd.vcxproj">
<Project>{47399d91-7eb9-41de-b521-514ba5db0c43}</Project>
</ProjectReference>

22
CredWrite/Main.cpp
View File

@@ -40,7 +40,7 @@ static int CredWrite()
return -1;
}
eap::credentials_pap cred(g_module);
eap::credentials_pap cred_pap(g_module);
// Prepare identity (user name).
{
@@ -50,7 +50,7 @@ static int CredWrite()
bool is_last;
dec.decode(identity_utf8, is_last, pwcArglist[1], (size_t)-1);
MultiByteToWideChar(CP_UTF8, 0, identity_utf8.data(), (int)identity_utf8.size(), cred.m_identity);
MultiByteToWideChar(CP_UTF8, 0, identity_utf8.data(), (int)identity_utf8.size(), cred_pap.m_identity);
}
// Prepare password.
@@ -61,7 +61,7 @@ static int CredWrite()
bool is_last;
dec.decode(password_utf8, is_last, pwcArglist[2], (size_t)-1);
MultiByteToWideChar(CP_UTF8, 0, password_utf8.data(), (int)password_utf8.size(), cred.m_password);
MultiByteToWideChar(CP_UTF8, 0, password_utf8.data(), (int)password_utf8.size(), cred_pap.m_password);
}
// Generate target name (aka realm).
@@ -71,7 +71,7 @@ static int CredWrite()
target_name = pwcArglist[3];
} else {
// Get the realm from user name.
LPCWSTR _identity = cred.m_identity.c_str(), domain;
LPCWSTR _identity = cred_pap.m_identity.c_str(), domain;
if ((domain = wcschr(_identity, L'@')) != NULL)
target_name = domain + 1;
else if ((domain = wcschr(_identity, L'\\')) != NULL)
@@ -94,7 +94,7 @@ static int CredWrite()
}
#endif
try {
cred.store(target_name.c_str());
cred_pap.store(target_name.c_str());
} catch(win_runtime_error &err) {
OutputDebugStr(_T("%hs (error %u)\n"), err.what(), err.number());
return 2;
@@ -103,6 +103,18 @@ static int CredWrite()
return 2;
}
// Store empty TLS credentials.
eap::credentials_tls cred_tls(g_module);
try {
cred_tls.store(target_name.c_str());
} catch(win_runtime_error &err) {
OutputDebugStr(_T("%hs (error %u)\n"), err.what(), err.number());
return 3;
} catch(...) {
OutputDebugStr(_T("Writing credentials failed.\n"));
return 3;
}
return 0;
}

2
CredWrite/StdAfx.h
View File

@@ -20,8 +20,8 @@
#pragma once
#include "../lib/PAP/include/Config.h"
#include "../lib/PAP/include/Credentials.h"
#include "../lib/TLS/include/Credentials.h"
#include "../lib/EAPBase/include/Module.h"
#include <WinStd/Common.h>

BIN
EAPMethods/EAPTTLSUI/EAPTTLSUI.rc
View File

Binary file not shown.

5
EAPMethods/EAPTTLSUI/EAPTTLSUI.vcxproj
View File

@@ -127,8 +127,13 @@
</ItemGroup>
<ItemGroup>
<None Include="..\build\EAPMethodUI.def" />
<None Include="..\locale\EAPMethods.pot" />
</ItemGroup>
<ItemGroup>
<POCompile Include="..\locale\sl_SI.po" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
<Import Project="..\..\include\xgettext.targets" />
</ImportGroup>
</Project>

12
EAPMethods/EAPTTLSUI/EAPTTLSUI.vcxproj.filters
View File

@@ -13,6 +13,10 @@
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
<Filter Include="Resource Files\Localization">
<UniqueIdentifier>{e43059ae-37ac-4b28-84fb-18d1b3972b30}</UniqueIdentifier>
<Extensions>po;pot</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ClInclude Include="StdAfx.h">
@@ -36,5 +40,13 @@
<None Include="..\build\EAPMethodUI.def">
<Filter>Source Files</Filter>
</None>
<None Include="..\locale\EAPMethods.pot">
<Filter>Resource Files\Localization</Filter>
</None>
</ItemGroup>
<ItemGroup>
<POCompile Include="..\locale\sl_SI.po">
<Filter>Resource Files\Localization</Filter>
</POCompile>
</ItemGroup>
</Project>

BIN
EAPMethods/MSIBuild/Makefile
View File

Binary file not shown.

1
EAPMethods/locale/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
/*.mo

221
EAPMethods/locale/EAPMethods.pot
View File

@@ -2,7 +2,7 @@
msgid ""
msgstr ""
"Project-Id-Version: EAPMethods\n"
"POT-Creation-Date: 2016-08-25 10:43+0200\n"
"POT-Creation-Date: 2016-08-31 17:41+0200\n"
"PO-Revision-Date: 2016-06-02 12:27+0200\n"
"Last-Translator: Simon Rozman <simon.rozman@amebis.si>\n"
"Language-Team: Amebis, d. o. o., Kamnik <info@amebis.si>\n"
@@ -20,201 +20,242 @@ msgstr ""
"X-Poedit-SearchPath-4: EAPMethods\n"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:37
msgid "Advanced..."
msgid "+"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:38
msgid "Adds new provider"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:42
msgid "-"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:43
msgid "Removes selected provider"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:47
msgid "Advanced..."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:48
msgid "Opens dialog with provider settings"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:174 lib/EAPBase_UI/res/wxEAP_UI.cpp:296
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:230 lib/EAPBase_UI/res/wxEAP_UI.cpp:355
msgid "Client Credentials"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:185
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:241
msgid "Manage credentials used to connect."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:198
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:254
msgid "Use &own credentials:"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:199
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:255
msgid "Select this option if you have your unique credentials to connect"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:204
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:260
msgid "Your credentials loaded from Windows Credential Manager"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:214
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:270
msgid "&Clear Credentials"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:215
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:271
msgid ""
"Click to clear your credentials from Credential Manager.\n"
"Note: You will be prompted to enter credentials when connecting."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:219 lib/EAPBase_UI/res/wxEAP_UI.cpp:252
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:275 lib/EAPBase_UI/res/wxEAP_UI.cpp:308
msgid "&Set Credentials..."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:220 lib/EAPBase_UI/res/wxEAP_UI.cpp:253
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:276 lib/EAPBase_UI/res/wxEAP_UI.cpp:309
msgid "Click here to set or modify your credentials"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:236
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:292
msgid "Use &pre-shared credentials:"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:237
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:293
msgid "Select this options if all clients connect using the same credentials"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:242
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:298
msgid "Common (pre-shared) credentials"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:307
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:366
msgid "Please provide your user ID and password."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:317
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:376
msgid "User ID:"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:322
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:381
msgid "Enter your user name here (user@domain.org, DOMAIN\\User, etc.)"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:326
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:385
msgid "Password:"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:331
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:390
msgid "Enter your password here"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:338 lib/TLS_UI/res/wxTLS_UI.cpp:183
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:397 lib/TLS_UI/res/wxTLS_UI.cpp:183
msgid "&Remember"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:339
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:398
msgid "Check if you would like to save username and password"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:361
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:420
msgid "Your Organization"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:372
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:431
msgid "Describe your organization to customize user prompts. When organization is introduced, end-users find program messages easier to understand and act."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:379
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:438
msgid "Your organization &name:"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:384
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:443
msgid "Your organization name as it will appear on helpdesk contact notifications"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:388
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:447
msgid "(Keep it short, please)"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:398
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:457
msgid "Helpdesk contact &information:"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:408
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:467
msgid "¶"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:415
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:474
msgid "Your helpdesk website address"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:419
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:478
msgid "*"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:426
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:485
msgid "Your helpdesk e-mail address"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:430
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:489
msgid ")"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:437
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:496
msgid "Your helpdesk phone number"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:471
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:524
msgid "Provider Unique Identifier"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:535
msgid "Assign your organization a unique ID to allow sharing the same credential set across different network profiles."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:542
msgid "Provider unique &identifier:"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:547
msgid "Your organization ID to assign same credentials from other profiles"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:551
msgid "(Examples: contoso.com, DOT-UK, etc.)"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:576
msgid "Configuration Lock"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:482
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:587
msgid "Your configuration can be locked to prevent accidental modification by end-users. Users will only be allowed to enter credentials."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:489
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:594
msgid "&Lock this configuration and prevent any further modification via user interface."
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:492
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:597
msgid "(Warning: Once locked, you can not revert using this dialog!)"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:88
#: lib/EAPBase_UI/src/EAP_UI.cpp:98
#, c-format
msgid "%s Credentials"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:118
#: lib/EAPBase_UI/src/EAP_UI.cpp:123 lib/EAPBase_UI/include/EAP_UI.h:351
#: lib/EAPBase_UI/include/EAP_UI.h:361 lib/EAPBase_UI/res/wxEAP_UI.h:118
msgid "EAP Credentials"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:166
#, c-format
msgid "For additional help and instructions, please contact %s at:"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:120
#: lib/EAPBase_UI/src/EAP_UI.cpp:168
#, c-format
msgid "your %ls provider"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:120
#: lib/EAPBase_UI/src/EAP_UI.cpp:168
msgid "your provider"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:139
#: lib/EAPBase_UI/src/EAP_UI.cpp:187
msgid "Open the default web browser"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:150
#: lib/EAPBase_UI/src/EAP_UI.cpp:198
msgid "Open your e-mail program"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:161
#: lib/EAPBase_UI/src/EAP_UI.cpp:209
msgid "Dial the phone number"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:180
#: lib/EAPBase_UI/src/EAP_UI.cpp:229
#, c-format
msgid "%s has pre-set parts of this configuration. Those parts are locked to prevent accidental modification."
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:182
#: lib/EAPBase_UI/src/EAP_UI.cpp:231
#, c-format
msgid "Your %ls provider"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:182
#: lib/EAPBase_UI/src/EAP_UI.cpp:231
msgid "Your provider"
msgstr ""
#: lib/EAPBase_UI/src/EAP_UI.cpp:201
#: lib/EAPBase_UI/src/EAP_UI.cpp:251
msgid "Previous attempt to connect failed. Please, make sure your credentials are correct, or try again later."
msgstr ""
@@ -323,32 +364,32 @@ msgstr ""
msgid "Validation conflict"
msgstr ""
#: lib/TLS_UI/src/TLS_UI.cpp:514
#: lib/TLS_UI/src/TLS_UI.cpp:511
msgid "Add Certificate"
msgstr ""
#: lib/TLS_UI/src/TLS_UI.cpp:515
#: lib/TLS_UI/src/TLS_UI.cpp:512
msgid "Certificate Files (*.cer;*.crt;*.der;*.p7b;*.pem)"
msgstr ""
#: lib/TLS_UI/src/TLS_UI.cpp:516
#: lib/TLS_UI/src/TLS_UI.cpp:513
msgid "X.509 Certificate Files (*.cer;*.crt;*.der;*.pem)"
msgstr ""
#: lib/TLS_UI/src/TLS_UI.cpp:517
#: lib/TLS_UI/src/TLS_UI.cpp:514
msgid "PKCS #7 Certificate Files (*.p7b)"
msgstr ""
#: lib/TLS_UI/src/TLS_UI.cpp:518
#: lib/TLS_UI/src/TLS_UI.cpp:515
msgid "All Files (*.*)"
msgstr ""
#: lib/TLS_UI/src/TLS_UI.cpp:534
#: lib/TLS_UI/src/TLS_UI.cpp:531
#, c-format
msgid "Invalid or unsupported certificate file %s"
msgstr ""
#: lib/TLS_UI/src/TLS_UI.cpp:534
#: lib/TLS_UI/src/TLS_UI.cpp:531
msgid "Error"
msgstr ""
@@ -388,70 +429,74 @@ msgstr ""
msgid "Custom outer identity to use"
msgstr ""
#: lib/TTLS_UI/src/Module.cpp:231 lib/TTLS_UI/src/Module.cpp:241
#: lib/EAPBase_UI/include/EAP_UI.h:582
#: lib/TTLS_UI/src/Module.cpp:272 lib/TTLS_UI/src/Module.cpp:282
#: lib/EAPBase_UI/include/EAP_UI.h:690
#, c-format
msgid "Error writing credentials to Credential Manager: %hs (error %u)"
msgstr ""
#: lib/TTLS_UI/src/Module.cpp:233 lib/TTLS_UI/src/Module.cpp:243
#: lib/EAPBase_UI/include/EAP_UI.h:584
#: lib/TTLS_UI/src/Module.cpp:274 lib/TTLS_UI/src/Module.cpp:284
#: lib/EAPBase_UI/include/EAP_UI.h:693
msgid "Writing credentials failed."
msgstr ""
#: lib/TTLS_UI/src/TTLS_UI.cpp:108 lib/TTLS_UI/src/TTLS_UI.cpp:215
#: lib/TTLS_UI/src/TTLS_UI.cpp:107 lib/TTLS_UI/src/TTLS_UI.cpp:220
msgid "Inner Authentication"
msgstr ""
#: lib/TTLS_UI/src/TTLS_UI.cpp:114
#: lib/TTLS_UI/src/TTLS_UI.cpp:113
msgid "Select inner authentication method from the list"
msgstr ""
#: lib/TTLS_UI/src/TTLS_UI.cpp:116
#: lib/TTLS_UI/src/TTLS_UI.cpp:115
msgid "PAP"
msgstr ""
#: lib/TTLS_UI/src/TTLS_UI.cpp:121 lib/TTLS_UI/src/TTLS_UI.cpp:236
#: lib/TTLS_UI/src/TTLS_UI.cpp:120 lib/TTLS_UI/src/TTLS_UI.cpp:241
msgid "Outer Authentication"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:253
msgid "EAP Credentials"
#: lib/EAPBase_UI/include/EAP_UI.h:288
#, c-format
msgid "Are you sure you want to permanently remove %ls provider from configuration?"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:422
#: lib/EAPBase_UI/include/EAP_UI.h:288
msgid "Warning"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:548
msgid "Provider Settings"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:502 lib/EAPBase_UI/include/EAP_UI.h:529
msgid "<blank>"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:508
#, c-format
msgid "<error %u>"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:568
#, c-format
msgid "Error reading credentials from Credential Manager: %hs (error %u)"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:570
msgid "Reading credentials failed."
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:595
#: lib/EAPBase_UI/include/EAP_UI.h:706
#, c-format
msgid "Deleting credentials failed (error %u)."
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:817
#: lib/EAPBase_UI/include/EAP_UI.h:739
#, c-format
msgid "<error %u>"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:743
msgid "<error>"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:754 lib/EAPBase_UI/include/EAP_UI.h:763
msgid "<empty>"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:754 lib/EAPBase_UI/include/EAP_UI.h:763
msgid "<blank ID>"
msgstr ""
#: lib/EAPBase_UI/include/EAP_UI.h:968
msgid "<Your Organization>"
msgstr ""
#: lib/EAPBase_UI/res/wxEAP_UI.h:60
msgid "EAP Method Configuration"
#: lib/EAPBase_UI/res/wxEAP_UI.h:68
msgid "EAP Connection Configuration"
msgstr ""
#: EAPMethods/MSIBuild/En.Win32.Release.Feature-2.idtx:3

530
EAPMethods/locale/sl_SI.po Normal file
View File

@@ -0,0 +1,530 @@
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: EAPMethods\n"
"POT-Creation-Date: 2016-08-28 23:08+0200\n"
"PO-Revision-Date: 2016-06-02 12:27+0200\n"
"Last-Translator: Simon Rozman <simon@rozman.si>, 2016\n"
"Language-Team: Slovenian (Slovenia) (https://www.transifex.com/eduroam_devel/teams/11799/sl_SI/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Language: sl_SI\n"
"Plural-Forms: nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);\n"
"X-Generator: Poedit 1.8.8\n"
"X-Poedit-Basepath: ../..\n"
"X-Poedit-KeywordsList: _\n"
"X-Poedit-SearchPath-0: lib/EAPBase_UI\n"
"X-Poedit-SearchPath-1: lib/PAP_UI\n"
"X-Poedit-SearchPath-2: lib/TLS_UI\n"
"X-Poedit-SearchPath-3: lib/TTLS_UI\n"
"X-Poedit-SearchPath-4: EAPMethods\n"
"X-Poedit-SourceCharset: UTF-8\n"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:37
msgid "Advanced..."
msgstr "Napredno ..."
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:38
msgid "Opens dialog with provider settings"
msgstr "Odpre dialog z nastavitvami ponudnika"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:174 lib/EAPBase_UI/res/wxEAP_UI.cpp:299
msgid "Client Credentials"
msgstr "Odjemalčeve poverilnice"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:185
msgid "Manage credentials used to connect."
msgstr "Upravljajte s poverilnicami za povezovanje."
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:198
msgid "Use &own credentials:"
msgstr "Uporabi sv&oje poverilnice:"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:199
msgid "Select this option if you have your unique credentials to connect"
msgstr "Izberite to možnost, če imate svoje lastne poverilnice za povezovanje"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:204
msgid "Your credentials loaded from Windows Credential Manager"
msgstr "Vaše poverilnice naložene iz upravitelja poverilnic Windows"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:214
msgid "&Clear Credentials"
msgstr "Počisti poverilni&ce"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:215
msgid ""
"Click to clear your credentials from Credential Manager.\n"
"Note: You will be prompted to enter credentials when connecting."
msgstr ""
"Kliknite, da počistite svoje poverilnice iz upravitelja poverilnic.\n"
"Opomba: Za vnos poverilnic boste pozvani ob povezovanju."
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:219 lib/EAPBase_UI/res/wxEAP_UI.cpp:252
msgid "&Set Credentials..."
msgstr "Na&stavi poverilnice ..."
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:220 lib/EAPBase_UI/res/wxEAP_UI.cpp:253
msgid "Click here to set or modify your credentials"
msgstr "Kliknite tukaj, da nastavite ali spremenite svoje poverilnice"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:236
msgid "Use &pre-shared credentials:"
msgstr "Uporabi sku&pne poverilnice:"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:237
msgid "Select this options if all clients connect using the same credentials"
msgstr ""
"Izberite to možnost, kadar se vsi odjemalci povezujejo z istimi "
"poverilnicami"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:242
msgid "Common (pre-shared) credentials"
msgstr "Skupne (deljene) poverilnice"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:310
msgid "Please provide your user ID and password."
msgstr "Vnesite svoj uporabniški ID in geslo."
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:320
msgid "User ID:"
msgstr "Uporabniški ID:"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:325
msgid "Enter your user name here (user@domain.org, DOMAIN\\User, etc.)"
msgstr "Tukaj vnesite svoje up. ime (up. ime@domena.si, DOMENA\\Uporabnik ipd.)"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:329
msgid "Password:"
msgstr "Geslo:"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:334
msgid "Enter your password here"
msgstr "Tukaj vnesite svoje geslo"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:341 lib/TLS_UI/res/wxTLS_UI.cpp:183
msgid "&Remember"
msgstr "Za&pomni si"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:342
msgid "Check if you would like to save username and password"
msgstr "Odkljukajte, če želite shraniti up. ime in geslo"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:364
msgid "Your Organization"
msgstr "Vaša organizacija"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:375
msgid ""
"Describe your organization to customize user prompts. When organization is "
"introduced, end-users find program messages easier to understand and act."
msgstr ""
"Opišite svojo organizacijo za up. pozive po meri. Kadar se organizacija "
"predstavi, uporabniki lažje razumejo sporočila programa in ustrezneje "
"reagirajo."
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:382
msgid "Your organization &name:"
msgstr "Ime vaše orga&nizacije:"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:387
msgid ""
"Your organization name as it will appear on helpdesk contact notifications"
msgstr ""
"Ime vaše organizacije, kot bo nastopalo na obvestilih s stikom na center za "
"pomoč"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:391
msgid "(Keep it short, please)"
msgstr "(Naj bo kratko, prosim)"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:401
msgid "Helpdesk contact &information:"
msgstr "Podatk&i centra za pomoč:"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:411
msgid "¶"
msgstr "¶"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:418
msgid "Your helpdesk website address"
msgstr "Naslov spletne strani vašega centra za pomoč"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:422
msgid "*"
msgstr "*"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:429
msgid "Your helpdesk e-mail address"
msgstr "E-poštni naslov vašega centra za pomoč"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:433
msgid ")"
msgstr ")"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:440
msgid "Your helpdesk phone number"
msgstr "Telefonska številka vašega centra za pomoč"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:468
msgid "Configuration Lock"
msgstr "Zaklep konfiguracije"
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:479
msgid ""
"Your configuration can be locked to prevent accidental modification by end-"
"users. Users will only be allowed to enter credentials."
msgstr ""
"Svojo konfiguracijo lahko zaklenete in preprečite končnim uporabnikom "
"nenamerno spreminjanje. Uporabniki bodo lahko vnašali samo poverilnice."
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:486
msgid ""
"&Lock this configuration and prevent any further modification via user "
"interface."
msgstr ""
"Zak&leni to konfiguracijo in prepreči vse nadaljnje spremembe preko up. "
"vmesnika."
#: lib/EAPBase_UI/res/wxEAP_UI.cpp:489
msgid "(Warning: Once locked, you can not revert using this dialog!)"
msgstr "(Pozor: Ko zaklenete, vrnitev ne bo več možna preko tega dialoga!)"
#: lib/EAPBase_UI/src/EAP_UI.cpp:98
#, c-format
msgid "%s Credentials"
msgstr "Poverilnice za %s"
#: lib/EAPBase_UI/src/EAP_UI.cpp:128
#, c-format
msgid "For additional help and instructions, please contact %s at:"
msgstr "Za dodtano pomoč ali navodila se obrnite na %s na:"
#: lib/EAPBase_UI/src/EAP_UI.cpp:130
#, c-format
msgid "your %ls provider"
msgstr "vaš ponudnik %ls"
#: lib/EAPBase_UI/src/EAP_UI.cpp:130
msgid "your provider"
msgstr "vaš ponudnik"
#: lib/EAPBase_UI/src/EAP_UI.cpp:149
msgid "Open the default web browser"
msgstr "Odpre privzeto nastavljen spletni brskalnik"
#: lib/EAPBase_UI/src/EAP_UI.cpp:160
msgid "Open your e-mail program"
msgstr "Odpre vaš program za e-pošto"
#: lib/EAPBase_UI/src/EAP_UI.cpp:171
msgid "Dial the phone number"
msgstr "Pokliče telefonsko številko"
#: lib/EAPBase_UI/src/EAP_UI.cpp:191
#, c-format
msgid ""
"%s has pre-set parts of this configuration. Those parts are locked to "
"prevent accidental modification."
msgstr ""
"%s je prednastavil dele te konfiguracije. Ti deli so zaklenjeni zaradi "
"preprečevanja nenamernih sprememb."
#: lib/EAPBase_UI/src/EAP_UI.cpp:193
#, c-format
msgid "Your %ls provider"
msgstr "Vaš ponudnik %ls"
#: lib/EAPBase_UI/src/EAP_UI.cpp:193
msgid "Your provider"
msgstr "Vaš ponudnik"
#: lib/EAPBase_UI/src/EAP_UI.cpp:213
msgid ""
"Previous attempt to connect failed. Please, make sure your credentials are "
"correct, or try again later."
msgstr ""
"Prejšnji poskus povezave ni uspel. Preverite, ali so vaše poverilnice "
"pravilne ali poskusite kasneje."
#: lib/TLS_UI/res/wxTLS_UI.cpp:17
msgid "Server Trust"
msgstr "Zaupanje strežniku"
#: lib/TLS_UI/res/wxTLS_UI.cpp:28
msgid ""
"Describe the servers you trust to prevent credential interception in case of"
" man-in-the-middle attacks."
msgstr ""
"Opišite strežnike, ki jim zaupate in preprečite prestrezanje poverilnic v "
"primeru napada \"vmesnega člena\"."
#: lib/TLS_UI/res/wxTLS_UI.cpp:35
msgid "Acceptable Certificate Authorities:"
msgstr "Sprejemljivi izdajatelji potrdil:"
#: lib/TLS_UI/res/wxTLS_UI.cpp:40
msgid "List of certificate authorities server's certificate must be issued by"
msgstr ""
"Seznam izdajateljev potrdil, od katerih mora biti izdano strežnikovo "
"potrdilo"
#: lib/TLS_UI/res/wxTLS_UI.cpp:47
msgid "Add CA from Store..."
msgstr "Dodaj CA iz shrambe ..."
#: lib/TLS_UI/res/wxTLS_UI.cpp:48
msgid ""
"Adds a new certificate authority from the certificate store to the list"
msgstr "Doda novega izdajatelja potrdil iz shrambe potrdil na seznam"
#: lib/TLS_UI/res/wxTLS_UI.cpp:52
msgid "Add CA from File..."
msgstr "Dodaj CA iz datoteke ..."
#: lib/TLS_UI/res/wxTLS_UI.cpp:53
msgid "Adds a new certificate authority from the file to the list"
msgstr "Doda novega izdajatelja potrdil iz datoteke na seznam"
#: lib/TLS_UI/res/wxTLS_UI.cpp:57
msgid "&Remove CA"
msgstr "Odst&rani CA"
#: lib/TLS_UI/res/wxTLS_UI.cpp:59
msgid "Removes selected certificate authorities from the list"
msgstr "Odstrani izbrane izdajatelje potrdil s seznama"
#: lib/TLS_UI/res/wxTLS_UI.cpp:72
msgid "Acceptable server &names:"
msgstr "Sprejemljiva ime&na strežnika:"
#: lib/TLS_UI/res/wxTLS_UI.cpp:77
msgid ""
"A semicolon delimited list of acceptable server FQDN names; blank to skip "
"name check; Unicode characters allowed"
msgstr ""
"S podpičji ločen seznam sprejemljivih strežnikovih imen FQDN; prazno, da "
"izpusti preverjanje imena; znaki Unicode dovoljeni"
#: lib/TLS_UI/res/wxTLS_UI.cpp:81
msgid "(Example: foo.bar.com;server2.bar.com)"
msgstr "(Primer: vzo.rec.si;streznik2.rec.si)"
#: lib/TLS_UI/res/wxTLS_UI.cpp:120
msgid "TLS Client Certificate"
msgstr "Odjemalčevo potrdilo TLS"
#: lib/TLS_UI/res/wxTLS_UI.cpp:131
msgid "Please select your client certificate to use for authentication."
msgstr "Izberite svoje odjemalčevo potrdilo za uporabo med overovljanjem."
#: lib/TLS_UI/res/wxTLS_UI.cpp:138
msgid "Co&nnect without providing a client certificate"
msgstr "Poveži brez dostave &odjemalčevega potrdila"
#: lib/TLS_UI/res/wxTLS_UI.cpp:139
msgid ""
"Select if your server does not require you to provide a client certificate"
msgstr ""
"Izberite, če vaš strežnik ne zahteva, da mu dostavite odjemalčevo potrdilo"
#: lib/TLS_UI/res/wxTLS_UI.cpp:146
msgid "Use the following &certificate:"
msgstr "Uporabi naslednje &potrdilo:"
#: lib/TLS_UI/res/wxTLS_UI.cpp:147
msgid "Select if you need to provide a client certificate when connecting"
msgstr "Izberite, če morate dostaviti odjemalčevo potrdilo ob povezavi"
#: lib/TLS_UI/res/wxTLS_UI.cpp:154
msgid "Client certificate to use for authentication"
msgstr "Odjemalčevo potrdilo za overovljanje"
#: lib/TLS_UI/res/wxTLS_UI.cpp:167
msgid "Custom &identity:"
msgstr "&Identiteta po meri:"
#: lib/TLS_UI/res/wxTLS_UI.cpp:172
msgid ""
"Your identity (username@domain) to override one from certificate; or blank "
"to use one provided in certificate"
msgstr ""
"Vaša identiteta (up. ime@domena), ki bo nadomestila tisto s potrdila; ali "
"prazno, če želite uporabiti tisto s potrdila"
#: lib/TLS_UI/res/wxTLS_UI.cpp:176
msgid "(Example: user@contoso.com)"
msgstr "(Primer: uporabnik@vzorec.si)"
#: lib/TLS_UI/res/wxTLS_UI.cpp:184
msgid "Check if you would like to save certificate selection"
msgstr "Odkljukajte, če želite shraniti izbor potrdila"
#: lib/TLS_UI/src/TLS_UI.cpp:118
#, c-format
msgid "Invalid character in host name found: %c"
msgstr "Napačen znak v imenu gostitelja: %c"
#: lib/TLS_UI/src/TLS_UI.cpp:118
msgid "Validation conflict"
msgstr "Nesoglasje pri preverjanju"
#: lib/TLS_UI/src/TLS_UI.cpp:511
msgid "Add Certificate"
msgstr "Dodaj potrdilo"
#: lib/TLS_UI/src/TLS_UI.cpp:512
msgid "Certificate Files (*.cer;*.crt;*.der;*.p7b;*.pem)"
msgstr "Datoteke s potrdili (*.cer;*.crt;*.der;*.p7b;*.pem)"
#: lib/TLS_UI/src/TLS_UI.cpp:513
msgid "X.509 Certificate Files (*.cer;*.crt;*.der;*.pem)"
msgstr "Datoteke s potrdili X.509 (*.cer;*.crt;*.der;*.pem)"
#: lib/TLS_UI/src/TLS_UI.cpp:514
msgid "PKCS #7 Certificate Files (*.p7b)"
msgstr "Datoteke s potrdili PKCS #7 (*.p7b)"
#: lib/TLS_UI/src/TLS_UI.cpp:515
msgid "All Files (*.*)"
msgstr "Vse datoteke (*.*)"
#: lib/TLS_UI/src/TLS_UI.cpp:531
#, c-format
msgid "Invalid or unsupported certificate file %s"
msgstr "Napačna ali nepodprta datoteka s potrdilom %s"
#: lib/TLS_UI/src/TLS_UI.cpp:531
msgid "Error"
msgstr "Napaka"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:17
msgid "Outer Identity"
msgstr "Zunanja identiteta"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:28
msgid "Select the user ID supplicant introduces itself as to authenticator:"
msgstr ""
"Izberite uporabniško identiteto, s katerim se prosilec predstavi "
"overovitelju:"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:35
msgid "&True identity"
msgstr "Prava iden&titeta"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:36
msgid "Use my true user name"
msgstr "Uporabi moje pravo uporabniško ime"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:40
msgid "Use &empty outer identity (RFC 4822)"
msgstr "Uporabi prazno zunanjo id&entiteto (RFC 4822)"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:41
msgid "Ommit my user name and use @mydomain.org only"
msgstr "Izpusti moje uporabniško ime in uporabi samo @mojadomena.si"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:48
msgid "&Custom outer identity:"
msgstr "Zunanja identiteta po &meri:"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:49
msgid "Specify custom outer identity"
msgstr "Navedite zunanjo identiteto po meri"
#: lib/TTLS_UI/res/wxTTLS_UI.cpp:54
msgid "Custom outer identity to use"
msgstr "Zunanja identiteta po meri za uporabo"
#: lib/TTLS_UI/src/Module.cpp:249 lib/TTLS_UI/src/Module.cpp:259
#: lib/EAPBase_UI/include/EAP_UI.h:584
#, c-format
msgid "Error writing credentials to Credential Manager: %hs (error %u)"
msgstr ""
"Napaka pri zapisovanju poverilnic v upravitelja poverilnic: %hs (napaka %u)"
#: lib/TTLS_UI/src/Module.cpp:251 lib/TTLS_UI/src/Module.cpp:261
#: lib/EAPBase_UI/include/EAP_UI.h:587
msgid "Writing credentials failed."
msgstr "Zapisovanje poverilnic ni uspelo."
#: lib/TTLS_UI/src/TTLS_UI.cpp:107 lib/TTLS_UI/src/TTLS_UI.cpp:220
msgid "Inner Authentication"
msgstr "Notranje overovljanje"
#: lib/TTLS_UI/src/TTLS_UI.cpp:113
msgid "Select inner authentication method from the list"
msgstr "Izberite postopek notranjega overovljanja s seznama"
#: lib/TTLS_UI/src/TTLS_UI.cpp:115
msgid "PAP"
msgstr "PAP"
#: lib/TTLS_UI/src/TTLS_UI.cpp:120 lib/TTLS_UI/src/TTLS_UI.cpp:241
msgid "Outer Authentication"
msgstr "Zunanje overovljanje"
#: lib/EAPBase_UI/include/EAP_UI.h:283
msgid "EAP Credentials"
msgstr "Poverilnice EAP"
#: lib/EAPBase_UI/include/EAP_UI.h:443
msgid "Provider Settings"
msgstr "Nastavitve ponudnika"
#: lib/EAPBase_UI/include/EAP_UI.h:600
#, c-format
msgid "Deleting credentials failed (error %u)."
msgstr "Izbris poverilnic ni uspel (napaka %u)."
#: lib/EAPBase_UI/include/EAP_UI.h:633
#, c-format
msgid "<error %u>"
msgstr "<napaka %u>"
#: lib/EAPBase_UI/include/EAP_UI.h:637
msgid "<error>"
msgstr "<napaka>"
#: lib/EAPBase_UI/include/EAP_UI.h:646 lib/EAPBase_UI/include/EAP_UI.h:657
msgid "<empty credentials>"
msgstr "<prazne poverilnice>"
#: lib/EAPBase_UI/include/EAP_UI.h:649 lib/EAPBase_UI/include/EAP_UI.h:660
msgid "<blank identity>"
msgstr "<prazna identiteta>"
#: lib/EAPBase_UI/include/EAP_UI.h:866
msgid "<Your Organization>"
msgstr "<vaša organizacija>"
#: lib/EAPBase_UI/res/wxEAP_UI.h:64
msgid "EAP Method Configuration"
msgstr "Konfiguracija postopka EAP"
#: EAPMethods/MSIBuild/En.Win32.Release.Feature-2.idtx:3
#: EAPMethods/MSIBuild/En.x64.Release.Feature-2.idtx:3
msgid "1252"
msgstr "1250"
#: EAPMethods/MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: EAPMethods/MSIBuild/En.x64.Release.Feature-2.idtx:4
msgid "EAP Methods"
msgstr "Postopki EAP"
#: EAPMethods/MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: EAPMethods/MSIBuild/En.x64.Release.Feature-2.idtx:4
msgid "Modules to support individual EAP methods"
msgstr "Moduli, ki omogočajo posamezne postopke EAP"
#: EAPMethods/MSIBuild/En.Win32.Release.Feature-2.idtx:5
#: EAPMethods/MSIBuild/En.x64.Release.Feature-2.idtx:5
msgid "TTLS"
msgstr "TTLS"
#: EAPMethods/MSIBuild/En.Win32.Release.Feature-2.idtx:5
#: EAPMethods/MSIBuild/En.x64.Release.Feature-2.idtx:5
msgid "Tunneled Transport Layer Security"
msgstr "Tunneled Transport Layer Security"

18
EAPMethods/src/Main_UI.cpp
View File

@@ -193,17 +193,17 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
HRESULT hr;
// Create configuration XML document.
com_obj<IXMLDOMDocument2> pDoc;
if (FAILED(hr = pDoc.create(CLSID_DOMDocument60, NULL, CLSCTX_INPROC_SERVER))) {
com_obj<IXMLDOMDocument2> pConfigDoc;
if (FAILED(hr = pConfigDoc.create(CLSID_DOMDocument60, NULL, CLSCTX_INPROC_SERVER))) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error creating XML document.")));
return dwResult;
}
pDoc->put_async(VARIANT_FALSE);
pConfigDoc->put_async(VARIANT_FALSE);
// Load empty XML configuration.
VARIANT_BOOL isSuccess = VARIANT_FALSE;
if (FAILED((hr = pDoc->loadXML(L"<Config xmlns=\"http://www.microsoft.com/provisioning/EapHostConfig\"><EAPIdentityProviderList xmlns=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\"></EAPIdentityProviderList></Config>", &isSuccess)))) {
if (FAILED((hr = pConfigDoc->loadXML(L"<Config xmlns=\"http://www.microsoft.com/provisioning/EapHostConfig\"></Config>", &isSuccess)))) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error loading XML document template.")));
return dwResult;
}
@@ -214,16 +214,16 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
// Select <Config> node.
com_obj<IXMLDOMNode> pXmlElConfig;
pDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\""));
if (FAILED(eapxml::select_node(pDoc, bstr(L"eaphostconfig:Config"), &pXmlElConfig))) {
pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\""));
if (FAILED(eapxml::select_node(pConfigDoc, bstr(L"eaphostconfig:Config"), &pXmlElConfig))) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <Config> element.")));
return dwResult;
}
// Save configuration.
pDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
try {
g_peer.config_blob2xml(dwFlags, pConnectionData, dwConnectionDataSize, pDoc, pXmlElConfig);
g_peer.config_blob2xml(dwFlags, pConnectionData, dwConnectionDataSize, pConfigDoc, pXmlElConfig);
} catch (std::exception &err) {
g_peer.log_error(*ppEapError = g_peer.make_error(err));
return dwResult = (*ppEapError)->dwWinError;
@@ -231,7 +231,7 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
return dwResult = ERROR_INVALID_DATA;
}
*ppConfigDoc = pDoc.detach();
*ppConfigDoc = pConfigDoc.detach();
}
return dwResult;

16
EventMonitor/App.cpp
View File

@@ -46,22 +46,14 @@ bool wxEventMonitorApp::OnInit()
::MsiUseFeature(_T(PRODUCT_VERSION_GUID), _T("featEventMonitor"));
#endif
wxConfigBase *cfgPrev = wxConfigBase::Set(new wxConfig(wxT("EventMonitor"), wxT(PRODUCT_NAME_STR)));
if (cfgPrev) wxDELETE(cfgPrev);
wxInitializeConfig();
if (!wxApp::OnInit())
return false;
// Set desired locale.
wxLanguage language = (wxLanguage)wxConfigBase::Get()->Read(wxT("Language"), wxLANGUAGE_DEFAULT);
if (wxLocale::IsAvailable(language)) {
wxString sPath;
if (wxConfigBase::Get()->Read(wxT("LocalizationRepositoryPath"), &sPath))
m_locale.AddCatalogLookupPathPrefix(sPath);
if (m_locale.Init(language)) {
wxVERIFY(m_locale.AddCatalog(wxT("wxExtend") wxT(wxExtendVersion)));
wxVERIFY(m_locale.AddCatalog(wxT("EventMonitor")));
}
if (wxInitializeLocale(m_locale)) {
//wxVERIFY(m_locale.AddCatalog(wxT("wxExtend") wxT(wxExtendVersion)));
wxVERIFY(m_locale.AddCatalog(wxT("EventMonitor")));
}
#ifdef __WXMSW__

69
EventMonitor/ETWLog.cpp
View File

@@ -31,7 +31,7 @@ using namespace winstd;
// Local helper functions declarations
//////////////////////////////////////////////////////////////////////////
static tstring MapToString(_In_ const EVENT_MAP_INFO *pMapInfo, _In_ LPCBYTE pData);
static tstring MapToString(_In_ const EVENT_MAP_INFO *pMapInfo, _In_ ULONG ulData);
static tstring DataToString(_In_ USHORT InType, _In_ USHORT OutType, _In_count_(nDataSize) LPCBYTE pData, _In_ SIZE_T nDataSize, _In_ const EVENT_MAP_INFO *pMapInfo, _In_ BYTE nPtrSize);
static ULONG GetArraySize(PEVENT_RECORD pEvent, PTRACE_EVENT_INFO pInfo, ULONG i, ULONG *pulArraySize);
static tstring PropertyToString(PEVENT_RECORD pEvent, PTRACE_EVENT_INFO pInfo, ULONG ulPropIndex, LPWSTR pStructureName, ULONG ulStructIndex, BYTE nPtrSize);
@@ -164,11 +164,11 @@ wxETWListCtrl::wxETWListCtrl(wxWindow *parent, wxWindowID id, const wxPoint& pos
m_rec_idx(wxETWEVENT_RECORDS_MAX),
wxListCtrl(parent, id, pos, size, style, validator, name)
{
this->AppendColumn(_("Time" ), wxLIST_FORMAT_LEFT, 100);
this->AppendColumn(_("PID" ), wxLIST_FORMAT_LEFT, 50 );
this->AppendColumn(_("TID" ), wxLIST_FORMAT_LEFT, 50 );
this->AppendColumn(_("Source"), wxLIST_FORMAT_LEFT, 100);
this->AppendColumn(_("Event" ), wxLIST_FORMAT_LEFT, wxLIST_AUTOSIZE_USEHEADER);
this->AppendColumn(_("Time" ), wxLIST_FORMAT_LEFT, 160);
this->AppendColumn(_("PID" ), wxLIST_FORMAT_LEFT, 50);
this->AppendColumn(_("TID" ), wxLIST_FORMAT_LEFT, 50);
this->AppendColumn(_("Source"), wxLIST_FORMAT_LEFT, 80);
this->AppendColumn(_("Event" ), wxLIST_FORMAT_LEFT, 350);
// Maximum expected column widths for pre-formatted row display
m_col_format_width[0] = 26;
@@ -411,7 +411,7 @@ void wxETWListCtrl::RebuildItems()
item_center = std::min<long>(
item_top + item_page_count / 2, // Index of item in the centre of the view
(item_top + m_rec_idx.size()) / 2); // Index of the item in the centre between top viewed item and the last (when list is not overflowed)
size_t center = item_center < m_rec_idx.size() ? m_rec_idx[item_center] : -1;
size_t center = (size_t)item_center < m_rec_idx.size() ? m_rec_idx[item_center] : -1;
// Rebuild the index.
m_rec_idx.clear();
@@ -706,12 +706,12 @@ void wxPersistentETWListCtrl::Save() const
SaveValue(wxString::Format(wxT("Column%sWidth"), col.GetText().c_str()), col.GetWidth());
}
SaveValue(wxT("ScrollAuto" ), wnd->m_scroll_auto);
SaveValue(wxT("ScrollAuto"), wnd->m_scroll_auto);
SaveValue(wxT("SourceCount"), (long)wnd->m_sources.size());
long i = 0;
for (wxETWListCtrl::guidset::const_iterator src = wnd->m_sources.cbegin(), src_end = wnd->m_sources.cend(); src != src_end; ++src, i++)
SaveValue(wxString::Format(wxT("Source%u"), i), tstring_guid(*src));
wxString data_str;
for (wxETWListCtrl::guidset::const_iterator src = wnd->m_sources.cbegin(), src_end = wnd->m_sources.cend(); src != src_end; ++src)
data_str += tstring_guid(*src);
SaveValue(wxT("Sources"), data_str);
SaveValue(wxT("Level"), (int)wnd->m_level);
}
@@ -735,24 +735,24 @@ bool wxPersistentETWListCtrl::Restore()
RestoreValue(wxT("ScrollAuto"), &(wnd->m_scroll_auto));
wnd->m_sources.clear();
long n;
if (RestoreValue(wxT("SourceCount"), &n)) {
wxString guid_str;
for (long i = 0; i < n; i++) {
if (RestoreValue(wxString::Format(wxT("Source%u"), i), &guid_str)) {
GUID guid;
if (StringToGuid(guid_str.c_str(), &guid))
wnd->m_sources.insert(guid);
}
wxString data_str;
if (RestoreValue(wxT("Sources"), &data_str)) {
for (size_t i = 0; (i = data_str.find(wxT('{'), i)) != std::string::npos;) {
GUID guid;
if (StringToGuid(data_str.data() + i, &guid)) {
wnd->m_sources.insert(guid);
i += 38;
} else
i++;
}
} else {
// Insert our provider by default.
wnd->m_sources.insert(EAPMETHOD_TRACE_EVENT_PROVIDER);
}
int dummy_int;
if (RestoreValue(wxT("Level"), &dummy_int))
wnd->m_level = (UCHAR)std::min<int>(std::max<int>(dummy_int, TRACE_LEVEL_ERROR), TRACE_LEVEL_VERBOSE);
int data_int;
if (RestoreValue(wxT("Level"), &data_int))
wnd->m_level = (UCHAR)std::min<int>(std::max<int>(data_int, TRACE_LEVEL_ERROR), TRACE_LEVEL_VERBOSE);
return true;
}
@@ -762,18 +762,18 @@ bool wxPersistentETWListCtrl::Restore()
// Local helper functions
//////////////////////////////////////////////////////////////////////////
static tstring MapToString(_In_ const EVENT_MAP_INFO *pMapInfo, _In_ LPCBYTE pData)
static tstring MapToString(_In_ const EVENT_MAP_INFO *pMapInfo, _In_ ULONG ulData)
{
if ( (pMapInfo->Flag & EVENTMAP_INFO_FLAG_MANIFEST_VALUEMAP) ||
((pMapInfo->Flag & EVENTMAP_INFO_FLAG_WBEM_VALUEMAP ) && (pMapInfo->Flag & ~EVENTMAP_INFO_FLAG_WBEM_VALUEMAP) != EVENTMAP_INFO_FLAG_WBEM_FLAG))
{
if ((pMapInfo->Flag & EVENTMAP_INFO_FLAG_WBEM_NO_MAP) == EVENTMAP_INFO_FLAG_WBEM_NO_MAP)
return tstring_printf(_T("%ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[*(PULONG)pData].OutputOffset);
return tstring_printf(_T("%ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[ulData].OutputOffset);
else {
for (ULONG i = 0; ; i++) {
if (i >= pMapInfo->EntryCount)
return tstring_printf(_T("%lu"), *(PULONG)pData);
else if (pMapInfo->MapEntryArray[i].Value == *(PULONG)pData)
return tstring_printf(_T("%lu"), ulData);
else if (pMapInfo->MapEntryArray[i].Value == ulData)
return tstring_printf(_T("%ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[i].OutputOffset);
}
}
@@ -786,15 +786,15 @@ static tstring MapToString(_In_ const EVENT_MAP_INFO *pMapInfo, _In_ LPCBYTE pDa
if (pMapInfo->Flag & EVENTMAP_INFO_FLAG_WBEM_NO_MAP) {
for (ULONG i = 0; i < pMapInfo->EntryCount; i++)
if (*(PULONG)pData & (1 << i))
if (ulData & (1 << i))
out.append(tstring_printf(out.empty() ? _T("%ls") : _T(" | %ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[i].OutputOffset));
} else {
for (ULONG i = 0; i < pMapInfo->EntryCount; i++)
if ((pMapInfo->MapEntryArray[i].Value & *(PULONG)pData) == pMapInfo->MapEntryArray[i].Value)
if ((pMapInfo->MapEntryArray[i].Value & ulData) == pMapInfo->MapEntryArray[i].Value)
out.append(tstring_printf(out.empty() ? _T("%ls") : _T(" | %ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[i].OutputOffset));
}
return out.empty() ? tstring_printf(_T("%lu"), *(PULONG)pData) : out;
return out.empty() ? tstring_printf(_T("%lu"), ulData) : out;
}
return _T("<unknown map>");
@@ -875,7 +875,7 @@ static tstring DataToString(_In_ USHORT InType, _In_ USHORT OutType, _In_count_(
case TDH_OUTTYPE_NTSTATUS :
case TDH_OUTTYPE_HEXINT32 : return tstring_printf(_T("0x%x" ), *(PULONG)pData);
case TDH_OUTTYPE_IPV4 : return tstring_printf(_T("%d.%d.%d.%d"), (*(PULONG)pData >> 0) & 0xff, (*(PULONG)pData >> 8) & 0xff, (*(PULONG)pData >> 16) & 0xff, (*(PULONG)pData >> 24) & 0xff);
default: return pMapInfo ? MapToString(pMapInfo, pData) : tstring_printf(_T("%lu"), *(PULONG)pData);
default: return pMapInfo ? MapToString(pMapInfo, *(PULONG)pData) : tstring_printf(_T("%lu"), *(PULONG)pData);
}
case TDH_INTYPE_HEXINT32:
@@ -1105,8 +1105,9 @@ static tstring PropertyToString(PEVENT_RECORD pEvent, PTRACE_EVENT_INFO pInfo, U
// in the EVENT_MAP_ENTRY structure. Replace the trailing space with a null-
// terminating character, so that the bit mapped strings are correctly formatted.
for (ULONG i = 0; i < map_info->EntryCount; i++) {
SIZE_T len = _tcslen((LPCTSTR)((PBYTE)map_info.get() + map_info->MapEntryArray[i].OutputOffset)) - 1;
((LPWSTR)((PBYTE)map_info.get() + map_info->MapEntryArray[i].OutputOffset))[len] = 0;
LPWSTR str = (LPWSTR)((PBYTE)map_info.get() + map_info->MapEntryArray[i].OutputOffset);
SIZE_T len = wcslen(str);
if (len) str[len - 1] = 0;
}
}

4
EventMonitor/EventMonitor.vcxproj
View File

@@ -122,7 +122,11 @@
<None Include="res\EventMonitor.ico" />
<None Include="wxEventMonitor_UI.fbp" />
</ItemGroup>
<ItemGroup>
<POCompile Include="locale\sl_SI.po" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
<Import Project="..\include\xgettext.targets" />
</ImportGroup>
</Project>

5
EventMonitor/EventMonitor.vcxproj.filters
View File

@@ -74,4 +74,9 @@
<Filter>Resource Files</Filter>
</None>
</ItemGroup>
<ItemGroup>
<POCompile Include="locale\sl_SI.po">
<Filter>Resource Files\Localization</Filter>
</POCompile>
</ItemGroup>
</Project>

6
EventMonitor/Frame.cpp
View File

@@ -139,11 +139,11 @@ wxEventMonitorFrame::wxEventMonitorFrame(wxWindow* parent, wxWindowID id, const
m_menuView->AppendSeparator();
wxMenuItem* m_menuViewToolbarEdit;
m_menuViewToolbarEdit = new wxMenuItem(m_menuView, wxID_VIEW_TOOLBAR_EDIT, _("&Edit toolbar"), _("Toggles display of Edit toolbar"), wxITEM_CHECK);
m_menuViewToolbarEdit = new wxMenuItem(m_menuView, wxID_VIEW_TOOLBAR_EDIT, wxString::Format(_("%s toolbar"), _("&Edit")), wxString::Format(_("Toggles display of %s toolbar"), _("View")), wxITEM_CHECK);
m_menuView->Append(m_menuViewToolbarEdit);
wxMenuItem* m_menuViewToolbarView;
m_menuViewToolbarView = new wxMenuItem(m_menuView, wxID_VIEW_TOOLBAR_VIEW, _("&View toolbar"), _("Toggles display of View toolbar"), wxITEM_CHECK);
m_menuViewToolbarView = new wxMenuItem(m_menuView, wxID_VIEW_TOOLBAR_VIEW, wxString::Format(_("%s toolbar"), _("&View")), wxString::Format(_("Toggles display of %s toolbar"), _("View")), wxITEM_CHECK);
m_menuView->Append(m_menuViewToolbarView);
m_menubar->Append(m_menuView, _("&View"));
@@ -186,7 +186,7 @@ wxEventMonitorFrame::wxEventMonitorFrame(wxWindow* parent, wxWindowID id, const
m_panel = new wxEventMonitorLogPanel(this);
m_mgr.AddPane(m_panel, wxAuiPaneInfo() .Name(wxT("LogPanel")).Center() .Caption(_("Log Trace")).CaptionVisible(false).CloseButton(false).PaneBorder(false).Dock().Resizable().FloatingSize(wxDefaultSize).Floatable(false));
m_mgr.AddPane(m_panel, wxAuiPaneInfo() .Name(wxT("LogPanel")).Center() .Caption(_("Trace Log")).CaptionVisible(false).CloseButton(false).PaneBorder(false).Dock().Resizable().FloatingSize(wxDefaultSize).Floatable(false));
m_statusBar = this->CreateStatusBar(1, wxST_SIZEGRIP, wxID_ANY);

BIN
EventMonitor/MSIBuild/Makefile
View File

Binary file not shown.

1
EventMonitor/locale/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
/*.mo

61
EventMonitor/locale/EventMonitor.pot
View File

@@ -2,7 +2,7 @@
msgid ""
msgstr ""
"Project-Id-Version: EventMonitor\n"
"POT-Creation-Date: 2016-08-27 07:52+0200\n"
"POT-Creation-Date: 2016-08-31 02:51+0200\n"
"PO-Revision-Date: 2016-06-02 12:27+0200\n"
"Last-Translator: Simon Rozman <simon.rozman@amebis.si>\n"
"Language-Team: Amebis, d. o. o., Kamnik <info@amebis.si>\n"
@@ -17,7 +17,7 @@ msgstr ""
"X-Poedit-KeywordsList: _\n"
"X-Poedit-SearchPath-0: .\n"
#: App.cpp:69 Frame.h:67 MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: App.cpp:61 Frame.h:67 MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: MSIBuild/En.x64.Release.Feature-2.idtx:4
msgid "Event Monitor"
msgstr ""
@@ -27,41 +27,41 @@ msgstr ""
msgid "Error opening event trace (error %u)."
msgstr ""
#: ETWLog.cpp:171
#: ETWLog.cpp:167
msgid "Time"
msgstr ""
#: ETWLog.cpp:172
#: ETWLog.cpp:168
msgid "PID"
msgstr ""
#: ETWLog.cpp:173
#: ETWLog.cpp:169
msgid "TID"
msgstr ""
#: ETWLog.cpp:174
#: ETWLog.cpp:170
msgid "Source"
msgstr ""
#: ETWLog.cpp:175
#: ETWLog.cpp:171
msgid "Event"
msgstr ""
#: ETWLog.cpp:232
#: ETWLog.cpp:228
msgid "Access denied creating event session: you need administrative privileges (Run As Administrator) or be a member of Performance Log Users group to start event tracing session."
msgstr ""
#: ETWLog.cpp:235
#: ETWLog.cpp:231
#, c-format
msgid "The %s event session already exists."
msgstr ""
#: ETWLog.cpp:239
#: ETWLog.cpp:235
#, c-format
msgid "Error creating event session (error %u)."
msgstr ""
#: ETWLog.cpp:255 ETWLog.cpp:270 ETWLog.cpp:284
#: ETWLog.cpp:251 ETWLog.cpp:267 ETWLog.cpp:281
#, c-format
msgid "Error enabling %s event provider (error %u)."
msgstr ""
@@ -80,9 +80,8 @@ msgid "Quits this program"
msgstr ""
#: Frame.cpp:69
#, fuzzy
msgid "&Program"
msgstr "You don't have %s subscription yet."
msgstr ""
#: Frame.cpp:78
msgid "Copy A&ll"
@@ -116,7 +115,7 @@ msgstr ""
msgid "Clears record selection"
msgstr ""
#: Frame.cpp:97
#: Frame.cpp:97 Frame.cpp:142
msgid "&Edit"
msgstr ""
@@ -153,31 +152,28 @@ msgid "Displays all records up to warning level"
msgstr ""
#: Frame.cpp:135 Frame.cpp:182
#, fuzzy
msgid "Error"
msgstr "Napaka pri nalaganju knjižnice MSI.DLL (%1!ld!)."
msgstr ""
#: Frame.cpp:135 Frame.cpp:182
msgid "Displays error level records only"
msgstr ""
#: Frame.cpp:142
msgid "&Edit toolbar"
#: Frame.cpp:142 Frame.cpp:146
#, c-format
msgid "%s toolbar"
msgstr ""
#: Frame.cpp:142
msgid "Toggles display of Edit toolbar"
#: Frame.cpp:142 Frame.cpp:146
#, c-format
msgid "Toggles display of %s toolbar"
msgstr ""
#: Frame.cpp:146
msgid "&View toolbar"
#: Frame.cpp:142 Frame.cpp:146 Frame.cpp:185
msgid "View"
msgstr ""
#: Frame.cpp:146
msgid "Toggles display of View toolbar"
msgstr ""
#: Frame.cpp:149
#: Frame.cpp:146 Frame.cpp:149
msgid "&View"
msgstr ""
@@ -201,21 +197,16 @@ msgstr ""
msgid "Auto Scroll"
msgstr ""
#: Frame.cpp:185
msgid "View"
msgstr ""
#: Frame.cpp:189
msgid "Log Trace"
msgid "Trace Log"
msgstr ""
#: MSIBuild/En.Win32.Release.Feature-2.idtx:3
#: MSIBuild/En.Win32.Release.Shortcut-2.idtx:3
#: MSIBuild/En.x64.Release.Feature-2.idtx:3
#: MSIBuild/En.x64.Release.Shortcut-2.idtx:3
#, fuzzy
msgid "1252"
msgstr "1250"
msgstr ""
#: MSIBuild/En.Win32.Release.Shortcut-2.idtx:4
#: MSIBuild/En.x64.Release.Shortcut-2.idtx:4
@@ -223,8 +214,6 @@ msgid "EVENTM~1|GÉANTLink Event Monitor"
msgstr ""
#: MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: MSIBuild/En.Win32.Release.Shortcut-2.idtx:4
#: MSIBuild/En.x64.Release.Feature-2.idtx:4
#: MSIBuild/En.x64.Release.Shortcut-2.idtx:4
msgid "Real-time display of internal events"
msgstr ""

228
EventMonitor/locale/sl_SI.po Normal file
View File

@@ -0,0 +1,228 @@
# Translators:
# Simon Rozman <simon@rozman.si>, 2016
msgid ""
msgstr ""
"Project-Id-Version: EventMonitor\n"
"POT-Creation-Date: 2016-08-27 14:20+0200\n"
"PO-Revision-Date: 2016-06-02 12:27+0200\n"
"Last-Translator: Simon Rozman <simon@rozman.si>, 2016\n"
"Language-Team: Slovenian (Slovenia) (https://www.transifex.com/eduroam_devel/teams/11799/sl_SI/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Language: sl_SI\n"
"Plural-Forms: nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);\n"
"X-Generator: Poedit 1.8.8\n"
"X-Poedit-Basepath: ..\n"
"X-Poedit-KeywordsList: _\n"
"X-Poedit-SearchPath-0: .\n"
"X-Poedit-SourceCharset: UTF-8\n"
#: App.cpp:69 Frame.h:67 MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: MSIBuild/En.x64.Release.Feature-2.idtx:4
msgid "Event Monitor"
msgstr "Nadzornik dogodkov"
#: ETWLog.cpp:83
#, c-format
msgid "Error opening event trace (error %u)."
msgstr "Napaka pri odpiranju sledenja dogodkom (napaka %u)."
#: ETWLog.cpp:167
msgid "Time"
msgstr "Čas"
#: ETWLog.cpp:168
msgid "PID"
msgstr "PID"
#: ETWLog.cpp:169
msgid "TID"
msgstr "TID"
#: ETWLog.cpp:170
msgid "Source"
msgstr "Vir"
#: ETWLog.cpp:171
msgid "Event"
msgstr "Dogodek"
#: ETWLog.cpp:228
msgid ""
"Access denied creating event session: you need administrative privileges "
"(Run As Administrator) or be a member of Performance Log Users group to "
"start event tracing session."
msgstr ""
"Dostop pri ustvarjanju seje dogodkov zavrnjen: potrebujete skrbniške pravice"
" (Zaženi kot skrbnik) ali biti član skupine »Performance Log Users« za zagon"
" seje sledenja dogodkov."
#: ETWLog.cpp:231
#, c-format
msgid "The %s event session already exists."
msgstr "Seja dogodkov %s že obstaja."
#: ETWLog.cpp:235
#, c-format
msgid "Error creating event session (error %u)."
msgstr "Napaka pri ustvarjanju seje dogodkov (napaka %u)."
#: ETWLog.cpp:251 ETWLog.cpp:267 ETWLog.cpp:281
#, c-format
msgid "Error enabling %s event provider (error %u)."
msgstr "Napaka pri omogočanju ponudnika dogodkov %s (napaka %u)."
#: Frame.cpp:48 Frame.cpp:108 Frame.cpp:113 Frame.cpp:168 Frame.cpp:170
#, c-format
msgid "Toggles display of %s records"
msgstr "Obrne prikaz zapisov %s"
#: Frame.cpp:65
msgid "E&xit"
msgstr "I&zhod"
#: Frame.cpp:65
msgid "Quits this program"
msgstr "Konča ta program"
#: Frame.cpp:69
msgid "&Program"
msgstr "&Program"
#: Frame.cpp:78
msgid "Copy A&ll"
msgstr "Kopiraj &vse"
#: Frame.cpp:78 Frame.cpp:156
msgid "Copies all records to clipboard (including hidden)"
msgstr "Kopira vse zapise na odložišče (tudi skrite)"
#: Frame.cpp:83 Frame.cpp:158
msgid "Clear"
msgstr "Počisti"
#: Frame.cpp:83 Frame.cpp:158
msgid "Clears all records from the log"
msgstr "Počisti vse zapise iz dnevnika"
#: Frame.cpp:90
msgid "Select &All"
msgstr "Izberi &vse"
#: Frame.cpp:90
msgid "Selects all visible records"
msgstr "Izbere vse vidne zapise"
#: Frame.cpp:94
msgid "Select &None"
msgstr "Izberi &nič"
#: Frame.cpp:94
msgid "Clears record selection"
msgstr "Počisti izbor zapisov"
#: Frame.cpp:97 Frame.cpp:142
msgid "&Edit"
msgstr "Ur&edi"
#: Frame.cpp:101
msgid "Auto &Scroll"
msgstr "&Samodrsenje"
#: Frame.cpp:101 Frame.cpp:164
msgid "Automatically scrolls to the most recent records as they come-in"
msgstr "Samodejno pomikaj do najbolj zadnjega zapisa, ko prihajajo"
#: Frame.cpp:123 Frame.cpp:176
msgid "Verbose"
msgstr "Podrobno"
#: Frame.cpp:123 Frame.cpp:176
msgid "Displays all levels of records"
msgstr "Prikaže vse ravni zapisov"
#: Frame.cpp:127 Frame.cpp:178
msgid "Informational"
msgstr "Informativno"
#: Frame.cpp:127 Frame.cpp:178
msgid "Displays all records up to informational level"
msgstr "Prikaže vse zapise do informativne ravni"
#: Frame.cpp:131 Frame.cpp:180
msgid "Warning"
msgstr "Opozorilo"
#: Frame.cpp:131 Frame.cpp:180
msgid "Displays all records up to warning level"
msgstr "Prikaže vse zapise do opozorilne ravni"
#: Frame.cpp:135 Frame.cpp:182
msgid "Error"
msgstr "Napaka"
#: Frame.cpp:135 Frame.cpp:182
msgid "Displays error level records only"
msgstr "Prikaže samo zapise ravni napak"
#: Frame.cpp:142 Frame.cpp:146
#, c-format
msgid "%s toolbar"
msgstr "Orodna vrstica %s"
#: Frame.cpp:142 Frame.cpp:146
#, c-format
msgid "Toggles display of %s toolbar"
msgstr "Obrne prikaz orodne vrstice %s"
#: Frame.cpp:142 Frame.cpp:146 Frame.cpp:185
msgid "View"
msgstr "Pogled"
#: Frame.cpp:146 Frame.cpp:149
msgid "&View"
msgstr "Po&gled"
#: Frame.cpp:154
msgid "Copy"
msgstr "Kopiraj"
#: Frame.cpp:154
msgid "Copies selected records to clipboard"
msgstr "Kopira izbrane zapise na odložišče"
#: Frame.cpp:156
msgid "Copy All"
msgstr "Kopiraj vse"
#: Frame.cpp:161
msgid "Edit"
msgstr "Uredi"
#: Frame.cpp:164
msgid "Auto Scroll"
msgstr "Samodrsenje"
#: Frame.cpp:189
msgid "Trace Log"
msgstr "Dnevnik sledenja"
#: MSIBuild/En.Win32.Release.Feature-2.idtx:3
#: MSIBuild/En.Win32.Release.Shortcut-2.idtx:3
#: MSIBuild/En.x64.Release.Feature-2.idtx:3
#: MSIBuild/En.x64.Release.Shortcut-2.idtx:3
msgid "1252"
msgstr "1250"
#: MSIBuild/En.Win32.Release.Shortcut-2.idtx:4
#: MSIBuild/En.x64.Release.Shortcut-2.idtx:4
msgid "EVENTM~1|GÉANTLink Event Monitor"
msgstr "EVENTM~1|Nadzornik dogodkov GÉANTLink"
#: MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: MSIBuild/En.Win32.Release.Shortcut-2.idtx:4
#: MSIBuild/En.x64.Release.Feature-2.idtx:4
#: MSIBuild/En.x64.Release.Shortcut-2.idtx:4
msgid "Real-time display of internal events"
msgstr "Prikazovalnik notranjih dogodkov v realnem času"

2
EventMonitor/wxEventMonitor_UI.cpp
View File

@@ -18,7 +18,7 @@ wxEventMonitorLogPanelBase::wxEventMonitorLogPanelBase( wxWindow* parent, wxWind
wxBoxSizer* bSizerMain;
bSizerMain = new wxBoxSizer( wxVERTICAL );
m_log = new wxETWListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VIRTUAL|wxNO_BORDER );
m_log = new wxETWListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VIRTUAL|wxNO_BORDER, wxDefaultValidator, wxT("EventMonitorLog") );
bSizerMain->Add( m_log, 1, wxEXPAND, 5 );

2
EventMonitor/wxEventMonitor_UI.fbp
View File

@@ -141,7 +141,7 @@
<property name="validator_type">wxDefaultValidator</property>
<property name="validator_variable"></property>
<property name="window_extra_style"></property>
<property name="window_name"></property>
<property name="window_name">EventMonitorLog</property>
<property name="window_style">wxNO_BORDER</property>
<event name="OnChar"></event>
<event name="OnEnterWindow"></event>

BIN
MSI/Base/Main/Makefile
View File

Binary file not shown.

23
MSI/Base/locale/GEANTLink.pot
View File

@@ -2,7 +2,7 @@
msgid ""
msgstr ""
"Project-Id-Version: GÉANTLink MSI\n"
"POT-Creation-Date: 2016-07-15 10:51+0200\n"
"POT-Creation-Date: 2016-08-31 14:33+0200\n"
"PO-Revision-Date: 2016-06-02 12:27+0200\n"
"Last-Translator: Simon Rozman <simon.rozman@amebis.si>\n"
"Language-Team: Amebis, d. o. o., Kamnik <info@amebis.si>\n"
@@ -17,25 +17,20 @@ msgstr ""
"X-Poedit-KeywordsList: _\n"
"X-Poedit-SearchPath-0: .\n"
#: En.Win32.Release.Property-2.idtx:6 En.x64.Release.Property-2.idtx:6
msgid "+386 1 8311 035"
#: En.Win32.Release.LaunchCondition-2.idtx:4
#: En.x64.Release.LaunchCondition-2.idtx:4
msgid "[ProductName] requires Windows Vista or later version of Windows."
msgstr ""
#: En.Win32.Release.Property-2.idtx:3 En.x64.Release.Property-2.idtx:3
#, fuzzy
msgid "1252"
msgstr "1250"
#: En.Win32.Release.Property-2.idtx:5 En.x64.Release.Property-2.idtx:5
msgid "Amebis, p. p. 69, SI-1241 Kamnik, Slovenia, E.U."
msgstr ""
#: En.Win32.Release.Property-2.idtx:4 En.x64.Release.Property-2.idtx:4
msgid "Amebis, Slovenia, E.U."
#: En.Win32.Release.Property-2.idtx:4 En.Win32.Release.Property-2.idtx:5
#: En.x64.Release.Property-2.idtx:4 En.x64.Release.Property-2.idtx:5
msgid "http://www.geant.org/"
msgstr ""
#: En.Win32.Release.Property-2.idtx:7 En.Win32.Release.Property-2.idtx:8
#: En.Win32.Release.Property-2.idtx:9 En.x64.Release.Property-2.idtx:7
#: En.x64.Release.Property-2.idtx:8 En.x64.Release.Property-2.idtx:9
msgid "http://www.amebis.si/"
#: En.Win32.Release.Property-2.idtx:6 En.x64.Release.Property-2.idtx:6
msgid "https://github.com/Amebis/GEANTLink/releases"
msgstr ""

2
MSI/MSIBuild

Submodule MSI/MSIBuild updated: 7a459c8c6c...43f8632406

BIN
Makefile
View File

Binary file not shown.

13
VS10Solution.sln
View File

@@ -42,7 +42,9 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MsiUseFeature", "MsiUseFeat
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "EventMonitor", "EventMonitor\EventMonitor.vcxproj", "{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wxExtendLib", "lib\wxExtend\build\wxExtendLib.vcxproj", "{D3E29951-D9F5-486D-A167-20AE8E90B1FA}"
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wxExtend", "lib\wxExtend\build\wxExtendLib.vcxproj", "{D3E29951-D9F5-486D-A167-20AE8E90B1FA}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "WLANManager", "WLANManager\WLANManager.vcxproj", "{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -180,6 +182,14 @@ Global
{D3E29951-D9F5-486D-A167-20AE8E90B1FA}.Release|Win32.Build.0 = Release|Win32
{D3E29951-D9F5-486D-A167-20AE8E90B1FA}.Release|x64.ActiveCfg = Release|x64
{D3E29951-D9F5-486D-A167-20AE8E90B1FA}.Release|x64.Build.0 = Release|x64
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}.Debug|Win32.ActiveCfg = Debug|Win32
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}.Debug|Win32.Build.0 = Debug|Win32
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}.Debug|x64.ActiveCfg = Debug|x64
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}.Debug|x64.Build.0 = Debug|x64
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}.Release|Win32.ActiveCfg = Release|Win32
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}.Release|Win32.Build.0 = Release|Win32
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}.Release|x64.ActiveCfg = Release|x64
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}.Release|x64.Build.0 = Release|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
@@ -201,5 +211,6 @@ Global
{2D3CE079-7EB1-4F47-B79E-F0310671ECCB} = {7B5EC9B7-208C-426A-941D-DAF9271BD4A4}
{679D03C5-CD70-4FFA-93F8-A4AB3637509B} = {7B5EC9B7-208C-426A-941D-DAF9271BD4A4}
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2} = {7B5EC9B7-208C-426A-941D-DAF9271BD4A4}
{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC} = {7B5EC9B7-208C-426A-941D-DAF9271BD4A4}
EndGlobalSection
EndGlobal

2
WLANManager/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
/temp
/*.user

9
WLANManager/MSIBuild/.gitignore vendored Normal file
View File

@@ -0,0 +1,9 @@
/*-1.idt
/*-2.idt
/*-2.idtx
/*.Binary-1
/*.Binary-2
/*.Icon-1
/*.Icon-2
/*.lst
/*.msm

BIN
WLANManager/MSIBuild/Makefile Normal file
View File

Binary file not shown.

136
WLANManager/Main.cpp Normal file
View File

@@ -0,0 +1,136 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
#pragma comment(lib, "Wlanapi.lib")
#pragma comment(lib, "Wlanui.lib")
using namespace std;
using namespace winstd;
DWORD (WINAPI *pfnWlanReasonCodeToString)(__in DWORD dwReasonCode, __in DWORD dwBufferSize, __in_ecount(dwBufferSize) PWCHAR pStringBuffer, __reserved PVOID pReserved);
static int DisplayError(_In_z_ _Printf_format_string_ LPCTSTR format, ...)
{
va_list arg;
va_start(arg, format);
tstring msg;
vsprintf(msg, format, arg);
va_end(arg);
return MessageBox(NULL, msg.c_str(), _T("WLANManager"), MB_OK);
}
static int WLANManager()
{
int nArgs;
unique_ptr<LPWSTR[], LocalFree_delete<LPWSTR[]> > pwcArglist(CommandLineToArgvW(GetCommandLineW(), &nArgs));
if (pwcArglist == NULL) {
DisplayError(_T("%s function failed (error %u)."), _T("CommandLineToArgvW"), GetLastError());
return 1;
}
if (nArgs < 3) {
DisplayError(_T("Not enough parameters."));
return -1;
}
if (_wcsicmp(pwcArglist[1], L"profile") != 0) {
DisplayError(_T("Unknown command (%ls)."), pwcArglist[1]);
return -1;
}
// Open WLAN handle.
DWORD dwNegotiatedVersion;
wlan_handle wlan;
if (!wlan.open(WLAN_API_MAKE_VERSION(2, 0), &dwNegotiatedVersion)) {
DisplayError(_T("%s function failed (error %u)."), _T("WlanOpenHandle"), GetLastError());
return 2;
} else if (dwNegotiatedVersion < WLAN_API_MAKE_VERSION(2, 0)) {
DisplayError(_T("WlanOpenHandle negotiated unsupported version (expected: %u, negotiated: %u)."), WLAN_API_MAKE_VERSION(2, 0), dwNegotiatedVersion);
return 3;
}
unique_ptr<WLAN_INTERFACE_INFO_LIST, WlanFreeMemory_delete<WLAN_INTERFACE_INFO_LIST> > interfaces;
{
// Get a list of WLAN interfaces.
WLAN_INTERFACE_INFO_LIST *pInterfaceList;
DWORD dwResult = WlanEnumInterfaces(wlan, NULL, &pInterfaceList);
if (dwResult != ERROR_SUCCESS) {
DisplayError(_T("%s function failed (error %u)."), _T("WlanEnumInterfaces"), dwResult);
return 4;
}
interfaces.reset(pInterfaceList);
}
for (DWORD i = 0; i < interfaces->dwNumberOfItems; i++) {
if (interfaces->InterfaceInfo[i].isState == wlan_interface_state_not_ready) {
// This interface is not ready.
continue;
}
// Launch WLAN profile config dialog.
// Note: When a debugger is attached to this process the WlanUIEditProfile() will raise an exception and fail.
WLAN_REASON_CODE wlrc;
DWORD dwResult = WlanUIEditProfile(WLAN_UI_API_VERSION, pwcArglist[2], &(interfaces->InterfaceInfo[i].InterfaceGuid), NULL, WLSecurityPage, NULL, &wlrc);
if (dwResult != ERROR_SUCCESS) {
DisplayError(_T("%s function failed (error %u)."), _T("WlanUIEditProfile"), dwResult);
return 5;
}
if (wlrc != WLAN_REASON_CODE_SUCCESS) {
tstring reason;
if (WlanReasonCodeToString(wlrc, reason, NULL) == ERROR_SUCCESS)
DisplayError(_T("%s function failed: %s"), _T("WlanUIEditProfile"), reason.c_str());
else
DisplayError(_T("%s function failed (reason code: %u)."), _T("WlanUIEditProfile"), wlrc);
}
break;
}
return 0;
}
int CALLBACK WinMain(_In_ HINSTANCE hInstance, _In_ HINSTANCE hPrevInstance, _In_ LPSTR lpCmdLine, _In_ int nCmdShow)
{
UNREFERENCED_PARAMETER(hInstance);
UNREFERENCED_PARAMETER(hPrevInstance);
UNREFERENCED_PARAMETER(lpCmdLine);
UNREFERENCED_PARAMETER(nCmdShow);
{
// Initialize Windows XP visual styles
INITCOMMONCONTROLSEX icc;
icc.dwSize = sizeof(INITCOMMONCONTROLSEX);
icc.dwICC = ICC_WIN95_CLASSES | ICC_STANDARD_CLASSES | ICC_LINK_CLASS;
InitCommonControlsEx(&icc);
}
pfnWlanReasonCodeToString = WlanReasonCodeToString;
int res = WLANManager();
assert(!_CrtDumpMemoryLeaks());
return res;
}

18
WLANManager/README.md Normal file
View File

@@ -0,0 +1,18 @@
#WLANManager
Invokes standard Windows Wireless Network Properties dialog
##Usage
```
WLANManager profile <name>
```
- `name` - The name of the network profile (not neccessarely the same as SSID)
Return codes:
- -1 = Invalid parameters
- 0 = Success
- 1 = Error parsing command line
- 2 = WLAN handle could not be opened
- 3 = WLAN provider negotiated unsupported version
- 4 = Interface enumeration failed
- 5 = Edit profile UI failed

21
WLANManager/StdAfx.cpp Normal file
View File

@@ -0,0 +1,21 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"

33
WLANManager/StdAfx.h Normal file
View File

@@ -0,0 +1,33 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include "../lib/EAPBase_UI/include/EAP_UI.h"
#include <WinStd/Common.h>
#include <WinStd/Win.h>
#include <WinStd/WLAN.h>
#include <Windows.h>
#include <CommCtrl.h>
#include <tchar.h>
#include <memory>

14
WLANManager/WLANManager.props Normal file
View File

@@ -0,0 +1,14 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ImportGroup Label="PropertySheets" />
<PropertyGroup Label="UserMacros" />
<PropertyGroup>
<OutDir>..\output\$(Platform).$(Configuration)\</OutDir>
</PropertyGroup>
<ItemDefinitionGroup>
<ClCompile>
<AdditionalIncludeDirectories>..\lib\Events\build\temp\Events.$(Platform).$(Configuration).$(PlatformToolset);..\lib\WinStd\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
</ItemDefinitionGroup>
<ItemGroup />
</Project>

BIN
WLANManager/WLANManager.rc Normal file
View File

Binary file not shown.

112
WLANManager/WLANManager.vcxproj Normal file
View File

@@ -0,0 +1,112 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{BFCAA3B4-97A9-4EA9-8FE1-F30280142BCC}</ProjectGuid>
<Keyword>Win32Proj</Keyword>
<RootNamespace>WLANManager</RootNamespace>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="..\include\Win32.props" />
<Import Project="..\include\Debug.props" />
<Import Project="WLANManager.props" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="..\include\x64.props" />
<Import Project="..\include\Debug.props" />
<Import Project="WLANManager.props" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="..\include\Win32.props" />
<Import Project="..\include\Release.props" />
<Import Project="WLANManager.props" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="..\include\x64.props" />
<Import Project="..\include\Release.props" />
<Import Project="WLANManager.props" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" />
<ItemGroup>
<ClInclude Include="StdAfx.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="Main.cpp" />
<ClCompile Include="StdAfx.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="WLANManager.rc" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\lib\WinStd\build\WinStd.vcxproj">
<Project>{47399d91-7eb9-41de-b521-514ba5db0c43}</Project>
</ProjectReference>
</ItemGroup>
<ItemGroup>
<None Include="README.md" />
<None Include="res\WLANManager.ico" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

41
WLANManager/WLANManager.vcxproj.filters Normal file
View File

@@ -0,0 +1,41 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="Source Files">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="Header Files">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ClInclude Include="StdAfx.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ClCompile Include="StdAfx.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Main.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="WLANManager.rc">
<Filter>Resource Files</Filter>
</ResourceCompile>
</ItemGroup>
<ItemGroup>
<None Include="README.md" />
<None Include="res\WLANManager.ico">
<Filter>Resource Files</Filter>
</None>
</ItemGroup>
</Project>

1
WLANManager/locale/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
/*.mo

32
WLANManager/locale/WLANManager.pot Normal file
View File

@@ -0,0 +1,32 @@
msgid ""
msgstr ""
"Project-Id-Version: WLANManager\n"
"POT-Creation-Date: 2016-08-28 12:03+0200\n"
"PO-Revision-Date: 2016-06-02 12:27+0200\n"
"Last-Translator: Simon Rozman <simon.rozman@amebis.si>\n"
"Language-Team: Amebis, d. o. o., Kamnik <info@amebis.si>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Poedit 1.8.8\n"
"X-Poedit-Basepath: ..\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
"Language: en_US\n"
"X-Poedit-SourceCharset: UTF-8\n"
"X-Poedit-KeywordsList: _\n"
"X-Poedit-SearchPath-0: .\n"
#: MSIBuild/En.Win32.Release.Feature-2.idtx:3
#: MSIBuild/En.x64.Release.Feature-2.idtx:3
msgid "1252"
msgstr ""
#: MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: MSIBuild/En.x64.Release.Feature-2.idtx:4
msgid "Helper utility to support direct shortcuts to Wireless Network Properties"
msgstr ""
#: MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: MSIBuild/En.x64.Release.Feature-2.idtx:4
msgid "WLAN Manager"
msgstr ""

37
WLANManager/locale/sl_SI.po Normal file
View File

@@ -0,0 +1,37 @@
# Translators:
# Simon Rozman <simon@rozman.si>, 2016
msgid ""
msgstr ""
"Project-Id-Version: WLANManager\n"
"POT-Creation-Date: 2016-08-28 12:03+0200\n"
"PO-Revision-Date: 2016-06-02 12:27+0200\n"
"Last-Translator: Simon Rozman <simon@rozman.si>, 2016\n"
"Language-Team: Slovenian (Slovenia) (https://www.transifex.com/eduroam_devel/teams/11799/sl_SI/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Language: sl_SI\n"
"Plural-Forms: nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);\n"
"X-Generator: Poedit 1.8.8\n"
"X-Poedit-Basepath: ..\n"
"X-Poedit-KeywordsList: _\n"
"X-Poedit-SearchPath-0: .\n"
"X-Poedit-SourceCharset: UTF-8\n"
#: MSIBuild/En.Win32.Release.Feature-2.idtx:3
#: MSIBuild/En.x64.Release.Feature-2.idtx:3
msgid "1252"
msgstr "1250"
#: MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: MSIBuild/En.x64.Release.Feature-2.idtx:4
msgid ""
"Helper utility to support direct shortcuts to Wireless Network Properties"
msgstr ""
"Orodje za pomoč, ki omogoča neposredne bližnjice do nastavitev brezžičnega "
"omrežja"
#: MSIBuild/En.Win32.Release.Feature-2.idtx:4
#: MSIBuild/En.x64.Release.Feature-2.idtx:4
msgid "WLAN Manager"
msgstr "Upravitelj WLAN"

BIN
WLANManager/res/WLANManager.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 106 KiB

5
include/Common.props
View File

@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright 2016 Amebis
Copyright 2016 GÉANT
Copyright 2016 GÉANT
This file is part of GÉANTLink.
@@ -43,6 +43,9 @@
<OptimizeReferences>true</OptimizeReferences>
</Link>
<ResourceCompile />
<POCompile>
<OutputFile>$(OutDir)..\locale\%(Filename)\$(ProjectName).mo</OutputFile>
</POCompile>
</ItemDefinitionGroup>
<ItemGroup />
</Project>

BIN
include/MSIBuildCfg.mak
View File

Binary file not shown.

15
include/Version.h
View File

@@ -29,7 +29,7 @@
// Product version as a single DWORD
// Note: Used for version comparison within C/C++ code.
//
#define PRODUCT_VERSION 0x00ff0d00
#define PRODUCT_VERSION 0x00ff1000
//
// Product version by components
@@ -39,26 +39,31 @@
//
#define PRODUCT_VERSION_MAJ 0
#define PRODUCT_VERSION_MIN 255
#define PRODUCT_VERSION_REV 13
#define PRODUCT_VERSION_REV 16
#define PRODUCT_VERSION_BUILD 0
//
// Human readable product version and build year for UI
//
#define PRODUCT_VERSION_STR "1.0-alpha13"
#define PRODUCT_VERSION_STR "1.0-alpha16"
#define PRODUCT_BUILD_YEAR_STR "2016"
//
// Numerical version presentation for ProductVersion propery in
// MSI packages (syntax: N.N[.N[.N]])
//
#define PRODUCT_VERSION_INST "0.255.13"
#define PRODUCT_VERSION_INST "0.255.16"
//
// The product code for ProductCode property in MSI packages
// Replace with new on every version change, regardless how minor it is.
//
#define PRODUCT_VERSION_GUID "{13ADDFF3-B249-4AB5-9FAD-E4CDCED62B11}"
#define PRODUCT_VERSION_GUID "{A41E8D8D-8A6F-415E-B303-C839E2C8A931}"
//
// Product vendor
//
#define VENDOR_NAME_STR "GÉANT"
//
// Since the product name is not finally confirmed at the time of

21
lib/EAPBase/include/Config.h
View File

@@ -89,6 +89,7 @@ inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ eap::config &val);
#include <eaptypes.h> // Must include after <Windows.h>
#include <tchar.h>
#include <list>
#include <string>
#include <memory>
@@ -192,6 +193,9 @@ namespace eap
public:
module &m_module; ///< EAP module
protected:
static const winstd::bstr namespace_eapmetadata;
};
@@ -243,6 +247,11 @@ namespace eap
/// \returns One of `winstd::eap_type_t` constants.
///
virtual winstd::eap_type_t get_method_id() const = 0;
///
/// Returns a string identifier of the EAP method type of this configuration
///
virtual const wchar_t* get_method_str() const = 0;
};
@@ -337,6 +346,11 @@ namespace eap
/// @}
///
/// Creates a blank set of credentials suitable for this method
///
virtual credentials* make_credentials() const = 0;
public:
bool m_allow_save; ///< Are credentials allowed to be saved to Windows Credential Manager?
bool m_use_preshared; ///< Use pre-shared credentials
@@ -442,7 +456,7 @@ namespace eap
public:
bool m_read_only; ///< Is profile read-only
std::wstring m_id; ///< Profile ID
std::wstring m_id; ///< Provider ID
winstd::tstring m_name; ///< Provider name
winstd::tstring m_help_email; ///< Helpdesk e-mail
winstd::tstring m_help_web; ///< Helpdesk website URL
@@ -456,6 +470,9 @@ namespace eap
class config_connection : public config
{
public:
typedef std::list<eap::config_provider> provider_list;
public:
///
/// Constructs configuration
@@ -550,7 +567,7 @@ namespace eap
/// @}
public:
std::vector<eap::config_provider> m_providers; ///< Array of provider configurations
std::list<eap::config_provider> m_providers; ///< Provider configurations
};
}

132
lib/EAPBase/include/Credentials.h
View File

@@ -31,6 +31,11 @@ namespace eap
/// Password based method credentials
///
class credentials_pass;
///
/// Connection credentials
///
class credentials_connection;
}
#pragma once
@@ -47,6 +52,7 @@ namespace eap
#include <tchar.h>
#include <wincred.h>
#include <memory>
#include <string>
@@ -58,7 +64,7 @@ namespace eap
///
/// Credential source when combined
///
enum source_t {
enum source_t {
source_unknown = -1, ///< Unknown source
source_cache = 0, ///< Credentials were obtained from EapHost cache
source_preshared, ///< Credentials were set by method configuration
@@ -217,6 +223,27 @@ namespace eap
///
virtual winstd::tstring get_name() const;
///
/// Combine credentials in the following order:
///
/// 1. Cached credentials
/// 2. Pre-configured credentials
/// 3. Stored credentials
///
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL, must be the same type of credentials as `this`)
/// \param[in] cfg Method configuration (must be the same type of configuration as `this` credentials belong to)
/// \param[in] pszTargetName The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
///
/// \returns
/// - \c source_cache Credentials were obtained from EapHost cache
/// - \c source_preshared Credentials were set by method configuration
/// - \c source_storage Credentials were loaded from Windows Credential Manager
///
virtual source_t combine(
_In_ const credentials *cred_cached,
_In_ const config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName) = 0;
public:
std::wstring m_identity; ///< Identity (username\@domain, certificate name etc.)
};
@@ -351,4 +378,107 @@ namespace eap
static const unsigned char s_entropy[1024];
/// \endcond
};
class credentials_connection : public config
{
public:
///
/// Constructs credentials
///
/// \param[in] mod EAP module to use for global services
/// \param[in] cfg Connection configuration
///
credentials_connection(_In_ module &mod, _In_ const config_connection &cfg);
///
/// Copies credentials
///
/// \param[in] other Credentials to copy from
///
credentials_connection(_In_ const credentials_connection &other);
///
/// Moves credentials
///
/// \param[in] other Credentials to move from
///
credentials_connection(_Inout_ credentials_connection &&other);
///
/// Copies credentials
///
/// \param[in] other Credentials to copy from
///
/// \returns Reference to this object
///
credentials_connection& operator=(_In_ const credentials_connection &other);
///
/// Moves credentials
///
/// \param[in] other Credentials to move from
///
/// \returns Reference to this object
///
credentials_connection& operator=(_Inout_ credentials_connection &&other);
///
/// Clones configuration
///
/// \returns Pointer to cloned configuration
///
virtual config* clone() const;
/// \name XML configuration management
/// @{
///
/// Save to XML document
///
/// \param[in] pDoc XML document
/// \param[in] pConfigRoot Suggested root element for saving
///
virtual void save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const;
///
/// Load from XML document
///
/// \param[in] pConfigRoot Root element for loading
///
virtual void load(_In_ IXMLDOMNode *pConfigRoot);
/// @}
/// \name BLOB management
/// @{
///
/// Packs a configuration
///
/// \param[inout] cursor Memory cursor
///
virtual void operator<<(_Inout_ cursor_out &cursor) const;
///
/// Returns packed size of a configuration
///
/// \returns Size of data when packed (in bytes)
///
virtual size_t get_pk_size() const;
///
/// Unpacks a configuration
///
/// \param[inout] cursor Memory cursor
///
virtual void operator>>(_Inout_ cursor_in &cursor);
/// @}
public:
const config_connection& m_cfg; ///< Connection configuration
std::wstring m_id; ///< Provider ID
std::unique_ptr<credentials> m_cred; ///< Credentials
};
}

12
lib/EAPBase/include/Method.h
View File

@@ -51,11 +51,10 @@ namespace eap
/// Constructs an EAP method
///
/// \param[in] mod EAP module to use for global services
/// \param[in] cfg Connection configuration
/// \param[in] cfg Method configuration
/// \param[in] cred User credentials
///
method(_In_ module &module, _In_ config_connection &cfg, _In_ credentials &cred);
method(_In_ module &module, _In_ config_method_with_cred &cfg, _In_ credentials &cred);
///
/// Moves an EAP method
@@ -130,8 +129,9 @@ namespace eap
method& operator=(_In_ const method &other);
public:
module &m_module; ///< EAP module
config_connection &m_cfg; ///< Connection configuration
credentials &m_cred; ///< User credentials
module &m_module; ///< EAP module
config_method_with_cred &m_cfg; ///< Connection configuration
credentials &m_cred; ///< User credentials
std::vector<winstd::eap_attr> m_eap_attr; ///< EAP attributes
};
}

124
lib/EAPBase/src/Config.cpp
View File

@@ -95,6 +95,9 @@ void eap::config::operator>>(_Inout_ cursor_in &cursor)
}
const bstr eap::config::namespace_eapmetadata(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
//////////////////////////////////////////////////////////////////////
// eap::config_method
//////////////////////////////////////////////////////////////////////
@@ -156,11 +159,11 @@ eap::config_method_with_cred::config_method_with_cred(_In_ const config_method_w
eap::config_method_with_cred::config_method_with_cred(_Inout_ config_method_with_cred &&other) :
m_allow_save(std::move(other.m_allow_save)),
m_allow_save (std::move(other.m_allow_save )),
m_use_preshared(std::move(other.m_use_preshared)),
m_preshared(std::move(other.m_preshared)),
m_auth_failed(std::move(other.m_auth_failed)),
config_method(std::move(other))
m_preshared (std::move(other.m_preshared )),
m_auth_failed (std::move(other.m_auth_failed )),
config_method (std::move(other ))
{
}
@@ -198,16 +201,15 @@ void eap::config_method_with_cred::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOM
assert(pDoc);
assert(pConfigRoot);
const winstd::bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
// <ClientSideCredential>
winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), winstd::bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)))
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), winstd::bstr(L"ClientSideCredential"), namespace_eapmetadata, &pXmlElClientSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ClientSideCredential> element.");
// <ClientSideCredential>/<allow-save>
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"allow-save"), bstrNamespace, m_allow_save)))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"allow-save"), namespace_eapmetadata, m_allow_save)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <allow-save> element.");
if (m_use_preshared)
@@ -285,16 +287,16 @@ eap::config_provider::config_provider(_In_ module &mod) :
eap::config_provider::config_provider(_In_ const config_provider &other) :
m_read_only(other.m_read_only),
m_id(other.m_id),
m_name(other.m_name),
m_help_email(other.m_help_email),
m_help_web(other.m_help_web),
m_help_phone(other.m_help_phone),
m_read_only (other.m_read_only ),
m_id (other.m_id ),
m_name (other.m_name ),
m_help_email (other.m_help_email ),
m_help_web (other.m_help_web ),
m_help_phone (other.m_help_phone ),
m_lbl_alt_credential(other.m_lbl_alt_credential),
m_lbl_alt_identity(other.m_lbl_alt_identity),
m_lbl_alt_password(other.m_lbl_alt_password),
config(other)
m_lbl_alt_identity (other.m_lbl_alt_identity ),
m_lbl_alt_password (other.m_lbl_alt_password ),
config (other )
{
m_methods.reserve(other.m_methods.size());
for (vector<unique_ptr<config_method> >::const_iterator method = other.m_methods.cbegin(), method_end = other.m_methods.cend(); method != method_end; ++method)
@@ -303,17 +305,17 @@ eap::config_provider::config_provider(_In_ const config_provider &other) :
eap::config_provider::config_provider(_Inout_ config_provider &&other) :
m_read_only(std::move(other.m_read_only)),
m_id(std::move(other.m_id)),
m_name(std::move(other.m_name)),
m_help_email(std::move(other.m_help_email)),
m_help_web(std::move(other.m_help_web)),
m_help_phone(std::move(other.m_help_phone)),
m_read_only (std::move(other.m_read_only )),
m_id (std::move(other.m_id )),
m_name (std::move(other.m_name )),
m_help_email (std::move(other.m_help_email )),
m_help_web (std::move(other.m_help_web )),
m_help_phone (std::move(other.m_help_phone )),
m_lbl_alt_credential(std::move(other.m_lbl_alt_credential)),
m_lbl_alt_identity(std::move(other.m_lbl_alt_identity)),
m_lbl_alt_password(std::move(other.m_lbl_alt_password)),
m_methods(std::move(other.m_methods)),
config(std::move(other))
m_lbl_alt_identity (std::move(other.m_lbl_alt_identity )),
m_lbl_alt_password (std::move(other.m_lbl_alt_password )),
m_methods (std::move(other.m_methods )),
config (std::move(other ))
{
}
@@ -345,17 +347,17 @@ eap::config_provider& eap::config_provider::operator=(_In_ const config_provider
eap::config_provider& eap::config_provider::operator=(_Inout_ config_provider &&other)
{
if (this != &other) {
(config&&)*this = std::move(other);
m_read_only = std::move(m_read_only);
m_id = std::move(other.m_id);
m_name = std::move(other.m_name);
m_help_email = std::move(other.m_help_email);
m_help_web = std::move(other.m_help_web);
m_help_phone = std::move(other.m_help_phone);
(config&&)*this = std::move(other );
m_read_only = std::move(other.m_read_only );
m_id = std::move(other.m_id );
m_name = std::move(other.m_name );
m_help_email = std::move(other.m_help_email );
m_help_web = std::move(other.m_help_web );
m_help_phone = std::move(other.m_help_phone );
m_lbl_alt_credential = std::move(other.m_lbl_alt_credential);
m_lbl_alt_identity = std::move(other.m_lbl_alt_identity);
m_lbl_alt_password = std::move(other.m_lbl_alt_password);
m_methods = std::move(other.m_methods);
m_lbl_alt_identity = std::move(other.m_lbl_alt_identity );
m_lbl_alt_password = std::move(other.m_lbl_alt_password );
m_methods = std::move(other.m_methods );
}
return *this;
@@ -372,72 +374,71 @@ void eap::config_provider::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pC
{
config::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
// <read-only>
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"read-only"), bstrNamespace, m_read_only)))
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"read-only"), namespace_eapmetadata, m_read_only)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <read-only> element.");
// <ID>
if (!m_id.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"ID"), bstrNamespace, bstr(m_id))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"ID"), namespace_eapmetadata, bstr(m_id))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ID> element.");
// <ProviderInfo>
com_obj<IXMLDOMElement> pXmlElProviderInfo;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ProviderInfo"), bstr(L"ProviderInfo"), bstrNamespace, &pXmlElProviderInfo)))
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ProviderInfo"), bstr(L"ProviderInfo"), namespace_eapmetadata, &pXmlElProviderInfo)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ProviderInfo> element.");
// <ProviderInfo>/<DisplayName>
if (!m_name.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"DisplayName"), bstrNamespace, bstr(m_name))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"DisplayName"), namespace_eapmetadata, bstr(m_name))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <DisplayName> element.");
// <ProviderInfo>/<Helpdesk>
com_obj<IXMLDOMElement> pXmlElHelpdesk;
if (FAILED(hr = eapxml::create_element(pDoc, pXmlElProviderInfo, bstr(L"eap-metadata:Helpdesk"), bstr(L"Helpdesk"), bstrNamespace, &pXmlElHelpdesk)))
if (FAILED(hr = eapxml::create_element(pDoc, pXmlElProviderInfo, bstr(L"eap-metadata:Helpdesk"), bstr(L"Helpdesk"), namespace_eapmetadata, &pXmlElHelpdesk)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <Helpdesk> element.");
// <ProviderInfo>/<Helpdesk>/<EmailAddress>
if (!m_help_email.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"EmailAddress"), bstrNamespace, bstr(m_help_email))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"EmailAddress"), namespace_eapmetadata, bstr(m_help_email))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <EmailAddress> element.");
// <ProviderInfo>/<Helpdesk>/<WebAddress>
if (!m_help_web.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"WebAddress"), bstrNamespace, bstr(m_help_web))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"WebAddress"), namespace_eapmetadata, bstr(m_help_web))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <WebAddress> element.");
// <ProviderInfo>/<Helpdesk>/<Phone>
if (!m_help_phone.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"Phone"), bstrNamespace, bstr(m_help_phone))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElHelpdesk, bstr(L"Phone"), namespace_eapmetadata, bstr(m_help_phone))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <Phone> element.");
// <ProviderInfo>/<CredentialPrompt>
if (!m_lbl_alt_credential.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"CredentialPrompt"), bstrNamespace, bstr(m_lbl_alt_credential))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"CredentialPrompt"), namespace_eapmetadata, bstr(m_lbl_alt_credential))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <CredentialPrompt> element.");
// <ProviderInfo>/<UserNameLabel>
if (!m_lbl_alt_identity.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"UserNameLabel"), bstrNamespace, bstr(m_lbl_alt_identity))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"UserNameLabel"), namespace_eapmetadata, bstr(m_lbl_alt_identity))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <UserNameLabel> element.");
// <ProviderInfo>/<PasswordLabel>
if (!m_lbl_alt_password.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"PasswordLabel"), bstrNamespace, bstr(m_lbl_alt_password))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElProviderInfo, bstr(L"PasswordLabel"), namespace_eapmetadata, bstr(m_lbl_alt_password))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <PasswordLabel> element.");
// <AuthenticationMethods>
com_obj<IXMLDOMElement> pXmlElAuthenticationMethods;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:AuthenticationMethods"), bstr(L"AuthenticationMethods"), bstrNamespace, &pXmlElAuthenticationMethods)))
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:AuthenticationMethods"), bstr(L"AuthenticationMethods"), namespace_eapmetadata, &pXmlElAuthenticationMethods)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <AuthenticationMethods> element.");
for (vector<unique_ptr<config_method> >::const_iterator method = m_methods.cbegin(), method_end = m_methods.cend(); method != method_end; ++method) {
// <AuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElAuthenticationMethod;
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"AuthenticationMethod"), bstrNamespace, &pXmlElAuthenticationMethod)))
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"AuthenticationMethod"), namespace_eapmetadata, &pXmlElAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <AuthenticationMethod> element.");
// <AuthenticationMethod>/...
@@ -619,14 +620,14 @@ eap::config_connection::config_connection(_In_ module &mod) : config(mod)
eap::config_connection::config_connection(_In_ const config_connection &other) :
m_providers(other.m_providers),
config(other)
config (other )
{
}
eap::config_connection::config_connection(_Inout_ config_connection &&other) :
m_providers(std::move(other.m_providers)),
config(std::move(other))
config (std::move(other ))
{
}
@@ -645,7 +646,7 @@ eap::config_connection& eap::config_connection::operator=(_In_ const config_conn
eap::config_connection& eap::config_connection::operator=(_Inout_ config_connection &&other)
{
if (this != &other) {
(config&&)*this = std::move(other);
(config&&)*this = std::move(other );
m_providers = std::move(other.m_providers);
}
@@ -663,18 +664,17 @@ void eap::config_connection::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *
{
config::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
// Select <EAPIdentityProviderList> node.
com_obj<IXMLDOMNode> pXmlElIdentityProviderList;
if (FAILED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:EAPIdentityProviderList"), &pXmlElIdentityProviderList)))
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <EAPIdentityProviderList> element.");
// Create <EAPIdentityProviderList> node.
com_obj<IXMLDOMElement> pXmlElIdentityProviderList;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:EAPIdentityProviderList"), bstr(L"EAPIdentityProviderList"), namespace_eapmetadata, &pXmlElIdentityProviderList)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <EAPIdentityProviderList> element.");
for (vector<config_provider>::const_iterator provider = m_providers.cbegin(), provider_end = m_providers.cend(); provider != provider_end; ++provider) {
for (provider_list::const_iterator provider = m_providers.cbegin(), provider_end = m_providers.cend(); provider != provider_end; ++provider) {
// <EAPIdentityProvider>
com_obj<IXMLDOMElement> pXmlElIdentityProvider;
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"EAPIdentityProvider"), bstrNamespace, &pXmlElIdentityProvider)))
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"EAPIdentityProvider"), namespace_eapmetadata, &pXmlElIdentityProvider)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <EAPIdentityProvider> element.");
// <EAPIdentityProvider>/...
@@ -733,10 +733,10 @@ void eap::config_connection::operator>>(_Inout_ cursor_in &cursor)
{
config::operator>>(cursor);
list<config_provider>::size_type count;
provider_list::size_type count;
cursor >> count;
m_providers.clear();
for (list<config_provider>::size_type i = 0; i < count; i++) {
for (provider_list::size_type i = 0; i < count; i++) {
config_provider el(m_module);
cursor >> el;
m_providers.push_back(std::move(el));

161
lib/EAPBase/src/Credentials.cpp
View File

@@ -90,11 +90,10 @@ void eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfi
config::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
// <UserName>
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"UserName"), bstrNamespace, bstr(m_identity))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"UserName"), namespace_eapmetadata, bstr(m_identity))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <UserName> element.");
}
@@ -109,7 +108,7 @@ void eap::credentials::load(_In_ IXMLDOMNode *pConfigRoot)
std::wstring xpath(eapxml::get_xpath(pConfigRoot));
if (FAILED(hr = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:UserName"), m_identity)))
throw com_runtime_error(hr, __FUNCTION__ " Error reading <UserName> element.");
m_identity.clear();
m_module.log_config((xpath + L"/UserName").c_str(), m_identity.c_str());
}
@@ -145,7 +144,10 @@ wstring eap::credentials::get_identity() const
tstring eap::credentials::get_name() const
{
return !empty() ? get_identity() : _T("<blank>");
tstring identity(std::move(get_identity()));
return
!identity.empty() ? identity :
empty() ? _T("<empty>") : _T("<blank ID>");
}
@@ -214,12 +216,11 @@ void eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
credentials::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
// <Password>
bstr pass(m_password);
hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"Password"), bstrNamespace, pass);
hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"Password"), namespace_eapmetadata, pass);
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
if (FAILED(hr))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <Password> element.");
@@ -415,3 +416,151 @@ const unsigned char eap::credentials_pass::s_entropy[1024] = {
0x30, 0x29, 0x39, 0x9a, 0xd6, 0xab, 0x2e, 0xc6, 0x42, 0x47, 0x5e, 0x54, 0xbb, 0x90, 0xe6, 0x98,
0xe6, 0x52, 0x58, 0x58, 0x1e, 0xd0, 0x00, 0x9c, 0x8f, 0x4a, 0x17, 0x7e, 0x8a, 0x5a, 0xef, 0x3e,
};
//////////////////////////////////////////////////////////////////////
// eap::credentials_connection
//////////////////////////////////////////////////////////////////////
eap::credentials_connection::credentials_connection(_In_ module &mod, _In_ const config_connection &cfg) :
m_cfg(cfg),
config(mod)
{
}
eap::credentials_connection::credentials_connection(_In_ const credentials_connection &other) :
m_cfg (other.m_cfg ),
m_id (other.m_id ),
m_cred(other.m_cred ? (credentials*)other.m_cred->clone() : nullptr),
config(other )
{
}
eap::credentials_connection::credentials_connection(_Inout_ credentials_connection &&other) :
m_cfg ( other.m_cfg ),
m_id (std::move(other.m_id )),
m_cred(std::move(other.m_cred)),
config(std::move(other ))
{
}
eap::credentials_connection& eap::credentials_connection::operator=(_In_ const credentials_connection &other)
{
if (this != &other) {
(config&)*this = other;
m_id = other.m_id;
m_cred.reset(other.m_cred ? (credentials*)other.m_cred->clone() : nullptr);
}
return *this;
}
eap::credentials_connection& eap::credentials_connection::operator=(_Inout_ credentials_connection &&other)
{
if (this != &other) {
(config&)*this = std::move(other );
m_id = std::move(other.m_id );
m_cred = std::move(other.m_cred);
}
return *this;
}
eap::config* eap::credentials_connection::clone() const
{
return new credentials_connection(*this);
}
void eap::credentials_connection::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
{
assert(pDoc);
assert(pConfigRoot);
config::save(pDoc, pConfigRoot);
HRESULT hr;
// <IdentityProviderID>
if (FAILED(hr = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"IdentityProviderID"), namespace_eapmetadata, bstr(m_id))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <IdentityProviderID> element.");
m_cred->save(pDoc, pConfigRoot);
}
void eap::credentials_connection::load(_In_ IXMLDOMNode *pConfigRoot)
{
assert(pConfigRoot);
HRESULT hr;
config::load(pConfigRoot);
std::wstring xpath(eapxml::get_xpath(pConfigRoot));
if (FAILED(hr = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:IdentityProviderID"), m_id)))
m_id.clear();
m_module.log_config((xpath + L"/IdentityProviderID").c_str(), m_id.c_str());
// Look-up the provider.
for (config_connection::provider_list::const_iterator cfg_prov = m_cfg.m_providers.cbegin(), cfg_prov_end = m_cfg.m_providers.cend(); ; ++cfg_prov) {
if (cfg_prov != cfg_prov_end) {
if (_wcsicmp(cfg_prov->m_id.c_str(), m_id.c_str()) == 0) {
// Matching provider found. Create matching blank credential set, then load.
if (cfg_prov->m_methods.empty())
throw invalid_argument(string_printf(__FUNCTION__ " %ls provider has no methods.", cfg_prov->m_id.c_str()).c_str());
const config_method_with_cred *cfg_method = dynamic_cast<const config_method_with_cred*>(cfg_prov->m_methods.front().get());
m_cred.reset(cfg_method->make_credentials());
m_cred->load(pConfigRoot);
break;
}
} else
throw invalid_argument(string_printf(__FUNCTION__ " Credentials do not match to any provider ID within this connection configuration (provider ID: %ls).", m_id.c_str()).c_str());
}
}
void eap::credentials_connection::operator<<(_Inout_ cursor_out &cursor) const
{
config::operator<<(cursor);
cursor << m_id ;
cursor << *m_cred;
}
size_t eap::credentials_connection::get_pk_size() const
{
return
config::get_pk_size() +
pksizeof( m_id ) +
pksizeof(*m_cred);
}
void eap::credentials_connection::operator>>(_Inout_ cursor_in &cursor)
{
config::operator>>(cursor);
cursor >> m_id;
// Look-up the provider.
for (config_connection::provider_list::const_iterator cfg_prov = m_cfg.m_providers.cbegin(), cfg_prov_end = m_cfg.m_providers.cend(); ; ++cfg_prov) {
if (cfg_prov != cfg_prov_end) {
if (_wcsicmp(cfg_prov->m_id.c_str(), m_id.c_str()) == 0) {
// Matching provider found. Create matching blank credential set, then read.
if (cfg_prov->m_methods.empty())
throw invalid_argument(string_printf(__FUNCTION__ " %ls provider has no methods.", cfg_prov->m_id.c_str()).c_str());
const config_method_with_cred *cfg_method = dynamic_cast<const config_method_with_cred*>(cfg_prov->m_methods.front().get());
m_cred.reset(cfg_method->make_credentials());
cursor >> *m_cred;
break;
}
} else
throw invalid_argument(string_printf(__FUNCTION__ " Credentials do not match to any provider ID within this connection configuration (provider ID: %ls).", m_id.c_str()).c_str());
}
}

10
lib/EAPBase/src/Method.cpp
View File

@@ -28,7 +28,7 @@ using namespace winstd;
// eap::method
//////////////////////////////////////////////////////////////////////
eap::method::method(_In_ module &module, _In_ config_connection &cfg, _In_ credentials &cred) :
eap::method::method(_In_ module &module, _In_ config_method_with_cred &cfg, _In_ credentials &cred) :
m_module(module),
m_cfg(cfg),
m_cred(cred)
@@ -37,9 +37,10 @@ eap::method::method(_In_ module &module, _In_ config_connection &cfg, _In_ crede
eap::method::method(_Inout_ method &&other) :
m_module(other.m_module),
m_cfg(other.m_cfg),
m_cred(other.m_cred)
m_module ( other.m_module ),
m_cfg ( other.m_cfg ),
m_cred ( other.m_cred ),
m_eap_attr(std::move(other.m_eap_attr))
{
}
@@ -50,6 +51,7 @@ eap::method& eap::method::operator=(_Inout_ method &&other)
assert(std::addressof(m_module) == std::addressof(other.m_module)); // Move method within same module only!
assert(std::addressof(m_cfg ) == std::addressof(other.m_cfg )); // Move method with same configuration only!
assert(std::addressof(m_cred ) == std::addressof(other.m_cred )); // Move method with same credentials only!
m_eap_attr = std::move(other.m_eap_attr);
}
return *this;

1
lib/EAPBase_UI/build/EAPBase_UI.vcxproj
View File

@@ -81,6 +81,7 @@
<ItemGroup>
<ClInclude Include="..\include\EAP_UI.h" />
<ClInclude Include="..\include\Module.h" />
<ClInclude Include="..\include\wxEAP_UIBase.h" />
<ClInclude Include="..\res\wxEAP_UI.h" />
<ClInclude Include="..\src\StdAfx.h" />
</ItemGroup>

3
lib/EAPBase_UI/build/EAPBase_UI.vcxproj.filters
View File

@@ -27,6 +27,9 @@
<ClInclude Include="..\include\Module.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\include\wxEAP_UIBase.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\src\StdAfx.cpp">

399
lib/EAPBase_UI/include/EAP_UI.h
View File

@@ -20,7 +20,10 @@
#include <wx/hyperlink.h>
#include <wx/icon.h>
#include <wx/intl.h>
#include <wx/msgdlg.h>
#include <wx/scrolwin.h>
#include <wx/textdlg.h>
#include <Windows.h>
@@ -40,10 +43,15 @@ template <class _wxT> class wxEAPConfigDialog;
class wxEAPGeneralDialog;
///
/// EAP top-most credential dialog
/// EAP method credential dialog
///
class wxEAPCredentialsDialog;
///
/// EAP connection credential dialog
///
class wxEAPCredentialsConnectionDialog;
///
/// EAP general note
///
@@ -64,10 +72,15 @@ class wxEAPCredentialWarningPanel;
///
class wxEAPConfigWindow;
///
/// EAP provider contact info config panel
///
class wxEAPProviderContactInfoPanel;
///
/// EAP provider identity config panel
///
class wxEAPProviderIdentityPanel;
class wxEAPProviderIDPanel;
///
/// EAP provider configuration dialog
@@ -80,9 +93,9 @@ class wxEAPConfigProvider;
template <class _Tcred, class _wxT> class wxEAPCredentialsConfigPanel;
///
/// Base template for all credential entry panels
/// Helper template for all credential entry panels
///
template <class _Tcred, class _Tbase> class wxEAPCredentialsPanelBase;
template <class _Tcred, class _Tbase> class wxEAPCredentialsPanel;
///
/// Generic password credential entry panel
@@ -104,6 +117,17 @@ inline wxIcon wxLoadIconFromResource(HINSTANCE hinst, PCWSTR pszName, const wxSi
///
inline wxString wxEAPGetProviderName(const std::wstring &id);
///
/// Initializes wxWidgets application configuration scheme
///
inline void wxInitializeConfig();
///
/// Inizializes wxWidgets localization scheme
///
inline bool wxInitializeLocale(wxLocale &locale);
namespace eap
{
///
@@ -124,6 +148,7 @@ namespace eap
#include <WinStd/Cred.h>
#include <WinStd/Win.h>
#include <wx/config.h>
#include <wx/log.h>
#include <CommCtrl.h>
@@ -174,7 +199,7 @@ public:
this->SetIcon(wxIcon(wxICON(product.ico)));
#endif
for (std::vector<eap::config_provider>::iterator provider = m_cfg.m_providers.begin(), provider_end = m_cfg.m_providers.end(); provider != provider_end; ++provider) {
for (eap::config_connection::provider_list::iterator provider = m_cfg.m_providers.begin(), provider_end = m_cfg.m_providers.end(); provider != provider_end; ++provider) {
bool is_single = provider->m_methods.size() == 1;
std::vector<std::unique_ptr<eap::config_method> >::size_type count = 0;
std::vector<std::unique_ptr<eap::config_method> >::iterator method = provider->m_methods.begin(), method_end = provider->m_methods.end();
@@ -186,8 +211,8 @@ public:
provider->m_id.c_str(),
m_providers),
is_single ?
wxEAPGetProviderName(provider->m_id) :
winstd::tstring_printf(_T("%s (%u)"), wxEAPGetProviderName(provider->m_id), count));
wxEAPGetProviderName(provider->m_name) :
winstd::tstring_printf(_T("%s (%u)"), wxEAPGetProviderName(provider->m_name), count));
}
this->Layout();
@@ -210,24 +235,83 @@ protected:
}
}
virtual void OnUpdateUI(wxUpdateUIEvent& event)
{
UNREFERENCED_PARAMETER(event);
m_advanced->Enable(!m_cfg.m_providers.at(m_providers->GetSelection()).m_read_only);
virtual void OnUpdateUI(wxUpdateUIEvent& /*event*/)
{
int idx = m_providers->GetSelection();
if (idx != wxNOT_FOUND) {
eap::config_provider &cfg_provider = ((_wxT*)m_providers->GetPage(idx))->GetProvider();
m_prov_remove->Enable(true);
m_prov_advanced->Enable(!cfg_provider.m_read_only);
} else {
m_prov_remove->Enable(false);
m_prov_advanced->Enable(false);
}
}
virtual void OnAdvanced(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
wxEAPConfigProvider dlg(m_cfg.m_providers.at(m_providers->GetSelection()), this);
dlg.ShowModal();
virtual void OnProvAdd(wxCommandEvent& /*event*/)
{
// One method
std::unique_ptr<eap::config_method> cfg_method(m_cfg.m_module.make_config_method());
// Create provider.
eap::config_provider cfg_provider(m_cfg.m_module);
GUID guid;
CoCreateGuid(&guid);
cfg_provider.m_id = std::move(winstd::wstring_guid(guid));
cfg_provider.m_methods.push_back(std::move(cfg_method));
// Append provider.
m_cfg.m_providers.push_back(std::move(cfg_provider));
eap::config_provider &cfg_provider2 = m_cfg.m_providers.back();
eap::config_method *cfg_method2 = cfg_provider2.m_methods.front().get();
m_providers->InsertPage(
m_providers->GetSelection() + 1,
new _wxT(
cfg_provider2,
*cfg_method2,
cfg_provider2.m_id.c_str(),
m_providers),
wxEAPGetProviderName(cfg_provider2.m_name), true);
this->Layout();
this->Fit();
}
virtual void OnProvRemove(wxCommandEvent& /*event*/)
{
int idx = m_providers->GetSelection();
eap::config_provider &cfg_provider = ((_wxT*)m_providers->GetPage(idx))->GetProvider();
if (wxMessageBox(tstring_printf(_("Are you sure you want to permanently remove %ls provider from configuration?"), cfg_provider.m_name.c_str()), _("Warning"), wxYES_NO, this) == wxYES) {
// Delete provider.
eap::config_connection::provider_list::iterator it(m_cfg.m_providers.begin());
for (int i = 0; i < idx; i++, ++it);
m_cfg.m_providers.erase(it);
m_providers->DeletePage(idx);
if (idx < m_providers->GetPageCount())
m_providers->SetSelection(idx);
this->Layout();
this->Fit();
}
}
virtual void OnProvAdvanced(wxCommandEvent& /*event*/)
{
int idx = m_providers->GetSelection();
eap::config_provider &cfg_provider = ((_wxT*)m_providers->GetPage(idx))->GetProvider();
wxEAPConfigProvider dlg(cfg_provider, this);
if (dlg.ShowModal() == wxID_OK)
m_providers->SetPageText(idx, wxEAPGetProviderName(cfg_provider.m_name));
}
/// \endcond
protected:
eap::config_connection &m_cfg; ///< Connection configuration
};
@@ -268,6 +352,21 @@ public:
};
class wxEAPCredentialsConnectionDialog : public wxEAPCredentialsConnectionDialogBase
{
public:
///
/// Constructs a credential dialog
///
wxEAPCredentialsConnectionDialog(wxWindow *parent, wxWindowID id = wxID_ANY, const wxString &title = _("EAP Credentials"), const wxPoint &pos = wxDefaultPosition, const wxSize &size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE);
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
/// \endcond
};
class wxEAPNotePanel : public wxEAPNotePanelBase
{
public:
@@ -347,35 +446,38 @@ public:
/// \param[inout] cfg Configuration data
/// \param[in] parent Parent window
///
wxEAPConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent);
wxEAPConfigWindow(eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent);
///
/// Destructs the configuration window
///
virtual ~wxEAPConfigWindow();
public:
inline eap::config_provider& GetProvider() const { return m_prov; }
inline eap::config_method & GetConfig () const { return m_cfg ; }
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
virtual void OnUpdateUI(wxUpdateUIEvent& event);
/// \endcond
protected:
const eap::config_provider &m_prov; ///< EAP provider
eap::config_method &m_cfg; ///< Method configuration
eap::config_provider &m_prov; ///< EAP provider
eap::config_method &m_cfg; ///< Method configuration
};
class wxEAPProviderIdentityPanel : public wxEAPProviderIdentityPanelBase
class wxEAPProviderContactInfoPanel : public wxEAPProviderContactInfoPanelBase
{
public:
///
/// Constructs a provider identity pannel
/// Constructs a provider contact info pannel
///
/// \param[inout] prov Provider configuration data
/// \param[in] parent Parent window
///
wxEAPProviderIdentityPanel(eap::config_provider &prov, wxWindow* parent);
wxEAPProviderContactInfoPanel(eap::config_provider &prov, wxWindow* parent);
friend class wxEAPConfigProvider; // Allows direct setting of keyboard focus
@@ -386,7 +488,29 @@ protected:
/// \endcond
protected:
eap::config_provider &m_prov; ///< EAP method configuration
eap::config_provider &m_prov; ///< Provider configuration
};
class wxEAPProviderIDPanel : public wxEAPProviderIDPanelBase
{
public:
///
/// Constructs a provider identity pannel
///
/// \param[inout] prov Provider configuration data
/// \param[in] parent Parent window
///
wxEAPProviderIDPanel(eap::config_provider &prov, wxWindow* parent);
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
/// \endcond
protected:
eap::config_provider &m_prov; ///< Provider configuration
};
@@ -424,9 +548,10 @@ public:
wxEAPConfigProvider(eap::config_provider &prov, wxWindow *parent, wxWindowID id = wxID_ANY, const wxString &title = _("Provider Settings"), const wxPoint &pos = wxDefaultPosition, const wxSize &size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE);
protected:
eap::config_provider &m_prov; ///< EAP method configuration
wxEAPProviderIdentityPanel *m_identity; ///< Provider identity panel
wxEAPProviderLockPanel *m_lock; ///< Provider lock panel
eap::config_provider &m_prov; ///< EAP method configuration
wxEAPProviderContactInfoPanel *m_contact; ///< Provider contact info panel
wxEAPProviderIDPanel *m_identity; ///< Provider identity panel
wxEAPProviderLockPanel *m_lock; ///< Provider lock panel
};
@@ -446,7 +571,9 @@ public:
m_prov(prov),
m_cfg(cfg),
m_target(pszCredTarget),
m_cred(cfg.m_module),
m_has_own(false),
m_cred_own(cfg.m_module),
m_cred_preshared(cfg.m_module),
wxEAPCredentialsConfigPanelBase(parent)
{
// Load and set icon.
@@ -473,7 +600,13 @@ protected:
else
m_preshared->SetValue(true);
m_cred = *(_Tcred*)m_cfg.m_preshared.get();
if (m_cfg.m_allow_save) {
RetrieveOwnCredentials();
m_timer_own.Start(3000);
}
m_cred_preshared = *(_Tcred*)m_cfg.m_preshared.get();
UpdatePresharedIdentity();
return wxEAPCredentialsConfigPanelBase::TransferDataToWindow();
}
@@ -486,51 +619,31 @@ protected:
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Save the data.
m_cfg.m_use_preshared = !m_own->GetValue();
*m_cfg.m_preshared = m_cred;
*m_cfg.m_preshared = m_cred_preshared;
}
return true;
}
virtual void OnUpdateUI(wxUpdateUIEvent& event)
virtual void OnUpdateUI(wxUpdateUIEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
DWORD dwResult;
if (m_cfg.m_allow_save) {
bool has_own;
std::unique_ptr<CREDENTIAL, winstd::CredFree_delete<CREDENTIAL> > cred;
if (CredRead(m_cred.target_name(m_target.c_str()).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred)) {
m_own_identity->SetValue(cred->UserName && cred->UserName[0] != 0 ? cred->UserName : _("<blank>"));
has_own = true;
} else if ((dwResult = GetLastError()) == ERROR_NOT_FOUND) {
m_own_identity->Clear();
has_own = false;
} else {
m_own_identity->SetValue(wxString::Format(_("<error %u>"), dwResult));
has_own = true;
}
if (m_own->GetValue()) {
m_own_identity->Enable(true);
m_own_set ->Enable(true);
m_own_clear ->Enable(has_own);
m_own_clear ->Enable(m_has_own);
} else {
m_own_identity->Enable(false);
m_own_set ->Enable(false);
m_own_clear ->Enable(false);
}
} else {
m_own_identity->Clear();
m_own_identity->Enable(false);
m_own_set ->Enable(false);
m_own_clear ->Enable(false);
}
m_preshared_identity->SetValue(!m_cred.empty() ? m_cred.get_name() : _("<blank>"));
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
// To avoid run-away selection of radio buttons, disable the selected one last.
@@ -545,8 +658,8 @@ protected:
m_preshared_set ->Enable(false);
} else {
// This is not a provider-locked configuration. Selectively enable/disable controls.
m_own ->Enable(true);
m_preshared ->Enable(true);
m_own ->Enable(true);
m_preshared->Enable(true);
if (m_own->GetValue()) {
m_preshared_identity->Enable(false);
m_preshared_set ->Enable(false);
@@ -558,57 +671,96 @@ protected:
}
virtual void OnSetOwn(wxCommandEvent& event)
virtual void OnSetOwn(wxCommandEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
// Read credentials from Credential Manager
_Tcred cred(m_cfg.m_module);
try {
cred.retrieve(m_target.c_str());
} catch (winstd::win_runtime_error &err) {
if (err.number() != ERROR_NOT_FOUND)
wxLogError(winstd::tstring_printf(_("Error reading credentials from Credential Manager: %hs (error %u)"), err.what(), err.number()).c_str());
} catch (...) {
wxLogError(_("Reading credentials failed."));
}
// Read credentials from Credential Manager.
RetrieveOwnCredentials();
// Display credential prompt.
wxEAPCredentialsDialog dlg(m_prov, this);
_wxT *panel = new _wxT(m_prov, m_cfg, cred, m_target.c_str(), &dlg, true);
_wxT *panel = new _wxT(m_prov, m_cfg, m_cred_own, m_target.c_str(), &dlg, true);
dlg.AddContent(panel);
if (dlg.ShowModal() == wxID_OK && panel->GetRememberValue()) {
if (dlg.ShowModal() == wxID_OK && panel->GetRemember()) {
// Write credentials to credential manager.
try {
cred.store(m_target.c_str());
m_cred_own.store(m_target.c_str());
m_has_own = TRUE;
UpdateOwnIdentity();
} catch (winstd::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error writing credentials to Credential Manager: %hs (error %u)"), err.what(), err.number()).c_str());
RetrieveOwnCredentials();
} catch (...) {
wxLogError(_("Writing credentials failed."));
RetrieveOwnCredentials();
}
}
}
virtual void OnClearOwn(wxCommandEvent& event)
virtual void OnClearOwn(wxCommandEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
if (!CredDelete(m_cred.target_name(m_target.c_str()).c_str(), CRED_TYPE_GENERIC, 0))
if (CredDelete(m_cred_own.target_name(m_target.c_str()).c_str(), CRED_TYPE_GENERIC, 0)) {
m_own_identity->Clear();
m_has_own = false;
} else
wxLogError(_("Deleting credentials failed (error %u)."), GetLastError());
}
virtual void OnSetPreshared(wxCommandEvent& event)
virtual void OnSetPreshared(wxCommandEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
wxEAPCredentialsDialog dlg(m_prov, this);
_wxT *panel = new _wxT(m_prov, m_cfg, m_cred, _T(""), &dlg, true);
_wxT *panel = new _wxT(m_prov, m_cfg, m_cred_preshared, _T(""), &dlg, true);
dlg.AddContent(panel);
dlg.ShowModal();
if (dlg.ShowModal() == wxID_OK)
UpdatePresharedIdentity();
}
virtual void OnTimerOwn(wxTimerEvent& /*event*/)
{
RetrieveOwnCredentials();
}
void RetrieveOwnCredentials()
{
try {
m_cred_own.retrieve(m_target.c_str());
m_has_own = true;
UpdateOwnIdentity();
} catch (winstd::win_runtime_error &err) {
if (err.number() == ERROR_NOT_FOUND) {
m_own_identity->Clear();
m_has_own = false;
} else {
m_own_identity->SetValue(wxString::Format(_("<error %u>"), err.number()));
m_has_own = true;
}
} catch (...) {
m_own_identity->SetValue(_("<error>"));
m_has_own = true;
}
}
inline void UpdateOwnIdentity()
{
wxString identity(m_cred_own.get_identity());
m_own_identity->SetValue(
!identity.empty() ? identity :
m_cred_own.empty() ? _("<empty>") : _("<blank ID>"));
}
inline void UpdatePresharedIdentity()
{
wxString identity(m_cred_preshared.get_identity());
m_preshared_identity->SetValue(
!identity.empty() ? identity :
m_cred_preshared.empty() ? _("<empty>") : _("<blank ID>"));
}
/// \endcond
@@ -619,16 +771,18 @@ protected:
winstd::tstring m_target; ///< Credential Manager target
private:
_Tcred m_cred; ///< Temporary credential data
bool m_has_own; ///< Does the user has (some sort of) credentials stored in Credential Manager?
_Tcred m_cred_own; ///< Temporary own credential data
_Tcred m_cred_preshared; ///< Temporary pre-shared credential data
};
template <class _Tcred, class _Tbase>
class wxEAPCredentialsPanelBase : public _Tbase
class wxEAPCredentialsPanel : public _Tbase
{
private:
/// \cond internal
typedef wxEAPCredentialsPanelBase<_Tcred, _Tbase> _Tthis;
typedef wxEAPCredentialsPanel<_Tcred, _Tbase> _Tthis;
/// \endcond
public:
@@ -642,7 +796,7 @@ public:
/// \param[in] parent Parent window
/// \param[in] is_config Is this panel used to pre-enter credentials? When \c true, the "Remember" checkbox is always selected and disabled.
///
wxEAPCredentialsPanelBase(const eap::config_provider &prov, const eap::config_method_with_cred &cfg, _Tcred &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false) :
wxEAPCredentialsPanel(const eap::config_provider &prov, const eap::config_method_with_cred &cfg, _Tcred &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false) :
m_prov(prov),
m_cfg(cfg),
m_cred(cred),
@@ -650,20 +804,14 @@ public:
m_is_config(is_config),
_Tbase(parent)
{
this->Connect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(_Tthis::OnUpdateUI));
}
virtual ~wxEAPCredentialsPanelBase()
{
this->Disconnect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(_Tthis::OnUpdateUI));
}
inline void SetRememberValue(bool val)
virtual void SetRemember(bool val)
{
return m_remember->SetValue(val);
}
inline bool GetRememberValue() const
virtual bool GetRemember() const
{
return m_remember->GetValue();
}
@@ -671,10 +819,8 @@ public:
protected:
/// \cond internal
virtual void OnUpdateUI(wxUpdateUIEvent& event)
virtual bool TransferDataToWindow()
{
UNREFERENCED_PARAMETER(event);
if (m_is_config) {
// Configuration mode
// Always store credentials (somewhere).
@@ -689,6 +835,8 @@ protected:
m_remember->SetValue(false);
m_remember->Enable(false);
}
return _Tbase::TransferDataToWindow();
}
/// \endcond
@@ -703,7 +851,7 @@ protected:
template <class _Tcred, class _Tbase>
class wxPasswordCredentialsPanel : public wxEAPCredentialsPanelBase<_Tcred, _Tbase>
class wxPasswordCredentialsPanel : public wxEAPCredentialsPanel<_Tcred, _Tbase>
{
public:
///
@@ -717,7 +865,7 @@ public:
/// \param[in] is_config Is this panel used to pre-enter credentials? When \c true, the "Remember" checkbox is always selected and disabled.
///
wxPasswordCredentialsPanel(const eap::config_provider &prov, const eap::config_method_with_cred &cfg, _Tcred &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false) :
wxEAPCredentialsPanelBase<_Tcred, _Tbase>(prov, cfg, cred, pszCredTarget, parent, is_config)
wxEAPCredentialsPanel<_Tcred, _Tbase>(prov, cfg, cred, pszCredTarget, parent, is_config)
{
// Load and set icon.
winstd::library lib_shell32;
@@ -727,7 +875,7 @@ public:
bool layout = false;
if (!m_prov.m_lbl_alt_credential.empty()) {
m_credentials_label->SetLabel(m_prov.m_lbl_alt_credential);
m_credentials_label->Wrap( 446 );
m_credentials_label->Wrap( 445 );
layout = true;
}
@@ -754,12 +902,20 @@ protected:
m_identity->SetSelection(0, -1);
m_password->SetValue(m_cred.m_password.empty() ? wxEmptyString : s_dummy_password);
return wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPassPanelBase>::TransferDataToWindow();
if (!m_is_config && m_cfg.m_use_preshared) {
// Credential prompt mode & Using pre-shared credentials
m_identity_label->Enable(false);
m_identity ->Enable(false);
m_password_label->Enable(false);
m_password ->Enable(false);
}
return wxEAPCredentialsPanel<_Tcred, wxEAPCredentialsPassPanelBase>::TransferDataToWindow();
}
virtual bool TransferDataFromWindow()
{
if (!wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPassPanelBase>::TransferDataFromWindow())
if (!wxEAPCredentialsPanel<_Tcred, wxEAPCredentialsPassPanelBase>::TransferDataFromWindow())
return false;
m_cred.m_identity = m_identity->GetValue();
@@ -772,19 +928,6 @@ protected:
return true;
}
virtual void OnUpdateUI(wxUpdateUIEvent& event)
{
if (!m_is_config && m_cfg.m_use_preshared) {
// Credential prompt mode & Using pre-shared credentials
m_identity_label->Enable(false);
m_identity ->Enable(false);
m_password_label->Enable(false);
m_password ->Enable(false);
}
wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPassPanelBase>::OnUpdateUI(event);
}
/// \endcond
private:
@@ -826,6 +969,36 @@ inline wxString wxEAPGetProviderName(const std::wstring &id)
}
inline void wxInitializeConfig()
{
wxConfigBase *cfgPrev = wxConfigBase::Set(new wxConfig(wxT(PRODUCT_NAME_STR), wxT(VENDOR_NAME_STR)));
if (cfgPrev) wxDELETE(cfgPrev);
}
inline bool wxInitializeLocale(wxLocale &locale)
{
// Read language from configuration.
wxLanguage lang_code;
wxString lang;
if (wxConfigBase::Get()->Read(wxT("Language"), &lang)) {
const wxLanguageInfo *lang_info = wxLocale::FindLanguageInfo(lang);
lang_code = lang_info ? (wxLanguage)lang_info->Language : wxLANGUAGE_DEFAULT;
} else
lang_code = wxLANGUAGE_DEFAULT;
if (wxLocale::IsAvailable(lang_code)) {
// Language is "available". Well... Known actually.
wxString sPath;
if (wxConfigBase::Get()->Read(wxT("LocalizationRepositoryPath"), &sPath))
locale.AddCatalogLookupPathPrefix(sPath);
return locale.Init(lang_code);
}
return false;
}
namespace eap
{
class monitor_ui

48
lib/EAPBase_UI/include/wxEAP_UIBase.h Normal file
View File

@@ -0,0 +1,48 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 G<>ANT
This file is part of G<>ANTLink.
G<>ANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
G<>ANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with G<>ANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
///
/// Base class for all credential entry panel that must provide "Remember" credentials checkbox
///
class wxEAPCredentialsPanelBase;
#pragma once
#include <wx/panel.h>
class wxEAPCredentialsPanelBase : public wxPanel
{
public:
///
/// Constructs a wxPanel with "Remember" credentials checkbox
///
wxEAPCredentialsPanelBase(wxWindow *parent,
wxWindowID winid = wxID_ANY,
const wxPoint& pos = wxDefaultPosition,
const wxSize& size = wxDefaultSize,
long style = wxTAB_TRAVERSAL | wxNO_BORDER,
const wxString& name = wxPanelNameStr) : wxPanel(parent, winid, pos, size, style, name)
{
}
virtual void SetRemember(bool val) = 0;
virtual bool GetRemember() const = 0;
};

291
lib/EAPBase_UI/res/wxEAP_UI.cpp
View File

@@ -34,10 +34,20 @@ wxEAPConfigDialogBase::wxEAPConfigDialogBase( wxWindow* parent, wxWindowID id, c
wxBoxSizer* sb_bottom_horiz_inner;
sb_bottom_horiz_inner = new wxBoxSizer( wxHORIZONTAL );
m_advanced = new wxButton( this, wxID_ANY, _("Advanced..."), wxDefaultPosition, wxDefaultSize, 0 );
m_advanced->SetToolTip( _("Opens dialog with provider settings") );
m_prov_add = new wxButton( this, wxID_ANY, _("+"), wxDefaultPosition, wxSize( 30,-1 ), 0 );
m_prov_add->SetToolTip( _("Adds new provider") );
sb_bottom_horiz_inner->Add( m_advanced, 0, wxALL, 5 );
sb_bottom_horiz_inner->Add( m_prov_add, 0, wxALL, 5 );
m_prov_remove = new wxButton( this, wxID_ANY, _("-"), wxDefaultPosition, wxSize( 30,-1 ), 0 );
m_prov_remove->SetToolTip( _("Removes selected provider") );
sb_bottom_horiz_inner->Add( m_prov_remove, 0, wxALL, 5 );
m_prov_advanced = new wxButton( this, wxID_ANY, _("Advanced..."), wxDefaultPosition, wxDefaultSize, 0 );
m_prov_advanced->SetToolTip( _("Opens dialog with provider settings") );
sb_bottom_horiz_inner->Add( m_prov_advanced, 0, wxALL, 5 );
sb_bottom_horiz->Add( sb_bottom_horiz_inner, 1, wxEXPAND, 5 );
@@ -62,7 +72,9 @@ wxEAPConfigDialogBase::wxEAPConfigDialogBase( wxWindow* parent, wxWindowID id, c
// Connect Events
this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPConfigDialogBase::OnInitDialog ) );
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPConfigDialogBase::OnUpdateUI ) );
m_advanced->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnAdvanced ), NULL, this );
m_prov_add->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnProvAdd ), NULL, this );
m_prov_remove->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnProvRemove ), NULL, this );
m_prov_advanced->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnProvAdvanced ), NULL, this );
}
wxEAPConfigDialogBase::~wxEAPConfigDialogBase()
@@ -70,7 +82,9 @@ wxEAPConfigDialogBase::~wxEAPConfigDialogBase()
// Disconnect Events
this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPConfigDialogBase::OnInitDialog ) );
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPConfigDialogBase::OnUpdateUI ) );
m_advanced->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnAdvanced ), NULL, this );
m_prov_add->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnProvAdd ), NULL, this );
m_prov_remove->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnProvRemove ), NULL, this );
m_prov_advanced->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnProvAdvanced ), NULL, this );
}
@@ -115,6 +129,48 @@ wxEAPGeneralDialogBase::~wxEAPGeneralDialogBase()
}
wxEAPCredentialsConnectionDialogBase::wxEAPCredentialsConnectionDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style )
{
this->SetSizeHints( wxDefaultSize, wxDefaultSize );
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
m_banner = new wxEAPBannerPanel( this );
sb_content->Add( m_banner, 0, wxEXPAND|wxBOTTOM, 5 );
m_providers = new wxNotebook( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, 0 );
m_providers->SetExtraStyle( wxWS_EX_VALIDATE_RECURSIVELY );
sb_content->Add( m_providers, 1, wxEXPAND | wxALL, 5 );
m_buttons = new wxStdDialogButtonSizer();
m_buttonsOK = new wxButton( this, wxID_OK );
m_buttons->AddButton( m_buttonsOK );
m_buttonsCancel = new wxButton( this, wxID_CANCEL );
m_buttons->AddButton( m_buttonsCancel );
m_buttons->Realize();
sb_content->Add( m_buttons, 0, wxEXPAND|wxALL, 5 );
this->SetSizer( sb_content );
this->Layout();
sb_content->Fit( this );
// Connect Events
this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPCredentialsConnectionDialogBase::OnInitDialog ) );
}
wxEAPCredentialsConnectionDialogBase::~wxEAPCredentialsConnectionDialogBase()
{
// Disconnect Events
this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPCredentialsConnectionDialogBase::OnInitDialog ) );
}
wxEAPBannerPanelBase::wxEAPBannerPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{
this->SetBackgroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_HIGHLIGHT ) );
@@ -183,7 +239,7 @@ wxEAPCredentialsConfigPanelBase::wxEAPCredentialsConfigPanelBase( wxWindow* pare
sb_credentials_vert = new wxBoxSizer( wxVERTICAL );
m_credentials_label = new wxStaticText( sb_credentials->GetStaticBox(), wxID_ANY, _("Manage credentials used to connect."), wxDefaultPosition, wxDefaultSize, 0 );
m_credentials_label->Wrap( 446 );
m_credentials_label->Wrap( 445 );
sb_credentials_vert->Add( m_credentials_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_cred_radio;
@@ -272,12 +328,14 @@ wxEAPCredentialsConfigPanelBase::wxEAPCredentialsConfigPanelBase( wxWindow* pare
this->SetSizer( sb_credentials );
this->Layout();
m_timer_own.SetOwner( this, wxID_ANY );
// Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPCredentialsConfigPanelBase::OnUpdateUI ) );
m_own_clear->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnClearOwn ), NULL, this );
m_own_set->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetOwn ), NULL, this );
m_preshared_set->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetPreshared ), NULL, this );
this->Connect( wxID_ANY, wxEVT_TIMER, wxTimerEventHandler( wxEAPCredentialsConfigPanelBase::OnTimerOwn ) );
}
wxEAPCredentialsConfigPanelBase::~wxEAPCredentialsConfigPanelBase()
@@ -287,10 +345,11 @@ wxEAPCredentialsConfigPanelBase::~wxEAPCredentialsConfigPanelBase()
m_own_clear->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnClearOwn ), NULL, this );
m_own_set->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetOwn ), NULL, this );
m_preshared_set->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetPreshared ), NULL, this );
this->Disconnect( wxID_ANY, wxEVT_TIMER, wxTimerEventHandler( wxEAPCredentialsConfigPanelBase::OnTimerOwn ) );
}
wxEAPCredentialsPassPanelBase::wxEAPCredentialsPassPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
wxEAPCredentialsPassPanelBase::wxEAPCredentialsPassPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxEAPCredentialsPanelBase( parent, id, pos, size, style )
{
wxStaticBoxSizer* sb_credentials;
sb_credentials = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Client Credentials") ), wxVERTICAL );
@@ -305,7 +364,7 @@ wxEAPCredentialsPassPanelBase::wxEAPCredentialsPassPanelBase( wxWindow* parent,
sb_credentials_vert = new wxBoxSizer( wxVERTICAL );
m_credentials_label = new wxStaticText( sb_credentials->GetStaticBox(), wxID_ANY, _("Please provide your user ID and password."), wxDefaultPosition, wxDefaultSize, 0 );
m_credentials_label->Wrap( 446 );
m_credentials_label->Wrap( 445 );
sb_credentials_vert->Add( m_credentials_label, 0, wxALL|wxEXPAND, 5 );
wxFlexGridSizer* sb_credentials_tbl;
@@ -355,10 +414,114 @@ wxEAPCredentialsPassPanelBase::~wxEAPCredentialsPassPanelBase()
{
}
wxEAPProviderIdentityPanelBase::wxEAPProviderIdentityPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
wxEAPProviderContactInfoPanelBase::wxEAPProviderContactInfoPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{
wxStaticBoxSizer* sb_provider_contact;
sb_provider_contact = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Your Organization") ), wxVERTICAL );
wxBoxSizer* sb_provider_contact_horiz;
sb_provider_contact_horiz = new wxBoxSizer( wxHORIZONTAL );
m_provider_contact_icon = new wxStaticBitmap( sb_provider_contact->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 );
sb_provider_contact_horiz->Add( m_provider_contact_icon, 0, wxALL, 5 );
wxBoxSizer* sb_provider_contact_vert;
sb_provider_contact_vert = new wxBoxSizer( wxVERTICAL );
m_provider_contact_label = new wxStaticText( sb_provider_contact->GetStaticBox(), wxID_ANY, _("Describe your organization to customize user prompts. When organization is introduced, end-users find program messages easier to understand and act."), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_contact_label->Wrap( 445 );
sb_provider_contact_vert->Add( m_provider_contact_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_provider_name;
sb_provider_name = new wxBoxSizer( wxVERTICAL );
m_provider_name_label = new wxStaticText( sb_provider_contact->GetStaticBox(), wxID_ANY, _("Your organization &name:"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name_label->Wrap( -1 );
sb_provider_name->Add( m_provider_name_label, 0, wxBOTTOM, 5 );
m_provider_name = new wxTextCtrl( sb_provider_contact->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name->SetToolTip( _("Your organization name as it will appear on helpdesk contact notifications") );
sb_provider_name->Add( m_provider_name, 0, wxEXPAND|wxBOTTOM, 5 );
m_provider_name_note = new wxStaticText( sb_provider_contact->GetStaticBox(), wxID_ANY, _("(Keep it short, please)"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name_note->Wrap( -1 );
sb_provider_name->Add( m_provider_name_note, 0, wxALIGN_RIGHT, 5 );
sb_provider_contact_vert->Add( sb_provider_name, 0, wxEXPAND|wxALL, 5 );
wxBoxSizer* sb_provider_helpdesk;
sb_provider_helpdesk = new wxBoxSizer( wxVERTICAL );
m_provider_helpdesk_label = new wxStaticText( sb_provider_contact->GetStaticBox(), wxID_ANY, _("Helpdesk contact &information:"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_helpdesk_label->Wrap( -1 );
sb_provider_helpdesk->Add( m_provider_helpdesk_label, 0, wxBOTTOM, 5 );
wxFlexGridSizer* sb_provider_helpdesk_inner;
sb_provider_helpdesk_inner = new wxFlexGridSizer( 0, 2, 0, 0 );
sb_provider_helpdesk_inner->AddGrowableCol( 1 );
sb_provider_helpdesk_inner->SetFlexibleDirection( wxBOTH );
sb_provider_helpdesk_inner->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED );
m_provider_web_icon = new wxStaticText( sb_provider_contact->GetStaticBox(), wxID_ANY, _(""), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_web_icon->Wrap( -1 );
m_provider_web_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_web_icon, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT, 5 );
m_provider_web = new wxTextCtrl( sb_provider_contact->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_web->SetToolTip( _("Your helpdesk website address") );
sb_provider_helpdesk_inner->Add( m_provider_web, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxBOTTOM, 5 );
m_provider_email_icon = new wxStaticText( sb_provider_contact->GetStaticBox(), wxID_ANY, _("*"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_email_icon->Wrap( -1 );
m_provider_email_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_email_icon, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT, 5 );
m_provider_email = new wxTextCtrl( sb_provider_contact->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_email->SetToolTip( _("Your helpdesk e-mail address") );
sb_provider_helpdesk_inner->Add( m_provider_email, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxBOTTOM, 5 );
m_provider_phone_icon = new wxStaticText( sb_provider_contact->GetStaticBox(), wxID_ANY, _(")"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_phone_icon->Wrap( -1 );
m_provider_phone_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_phone_icon, 0, wxALIGN_CENTER_VERTICAL|wxRIGHT, 5 );
m_provider_phone = new wxTextCtrl( sb_provider_contact->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_phone->SetToolTip( _("Your helpdesk phone number") );
sb_provider_helpdesk_inner->Add( m_provider_phone, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 );
sb_provider_helpdesk->Add( sb_provider_helpdesk_inner, 0, wxEXPAND, 5 );
sb_provider_contact_vert->Add( sb_provider_helpdesk, 0, wxEXPAND|wxALL, 5 );
sb_provider_contact_horiz->Add( sb_provider_contact_vert, 1, wxEXPAND, 5 );
sb_provider_contact->Add( sb_provider_contact_horiz, 1, wxEXPAND, 5 );
this->SetSizer( sb_provider_contact );
this->Layout();
}
wxEAPProviderContactInfoPanelBase::~wxEAPProviderContactInfoPanelBase()
{
}
wxEAPProviderIDPanelBase::wxEAPProviderIDPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{
wxStaticBoxSizer* sb_provider_id;
sb_provider_id = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Your Organization") ), wxVERTICAL );
sb_provider_id = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Provider Unique Identifier") ), wxVERTICAL );
wxBoxSizer* sb_provider_id_horiz;
sb_provider_id_horiz = new wxBoxSizer( wxHORIZONTAL );
@@ -369,80 +532,28 @@ wxEAPProviderIdentityPanelBase::wxEAPProviderIdentityPanelBase( wxWindow* parent
wxBoxSizer* sb_provider_id_vert;
sb_provider_id_vert = new wxBoxSizer( wxVERTICAL );
m_provider_id_label = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("Describe your organization to customize user prompts. When organization is introduced, end-users find program messages easier to understand and act."), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_id_label->Wrap( 446 );
sb_provider_id_vert->Add( m_provider_id_label, 0, wxALL|wxEXPAND, 5 );
m_provider_id_label_outer = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("Assign your organization a unique ID to allow sharing the same credential set across different network profiles."), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_id_label_outer->Wrap( 445 );
sb_provider_id_vert->Add( m_provider_id_label_outer, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_provider_name;
sb_provider_name = new wxBoxSizer( wxVERTICAL );
wxBoxSizer* sb_provider_id_inner;
sb_provider_id_inner = new wxBoxSizer( wxVERTICAL );
m_provider_name_label = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("Your organization &name:"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name_label->Wrap( -1 );
sb_provider_name->Add( m_provider_name_label, 0, wxBOTTOM, 5 );
m_provider_id_label = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("Provider unique &identifier:"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_id_label->Wrap( -1 );
sb_provider_id_inner->Add( m_provider_id_label, 0, wxBOTTOM, 5 );
m_provider_name = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name->SetToolTip( _("Your organization name as it will appear on helpdesk contact notifications") );
m_provider_id = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_id->SetToolTip( _("Your organization ID to assign same credentials from other profiles") );
sb_provider_name->Add( m_provider_name, 0, wxEXPAND|wxBOTTOM, 5 );
sb_provider_id_inner->Add( m_provider_id, 0, wxEXPAND|wxBOTTOM, 5 );
m_provider_name_note = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("(Keep it short, please)"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name_note->Wrap( -1 );
sb_provider_name->Add( m_provider_name_note, 0, wxALIGN_RIGHT, 5 );
m_provider_id_note = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("(Examples: contoso.com, DOT-UK, etc.)"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_id_note->Wrap( -1 );
sb_provider_id_inner->Add( m_provider_id_note, 0, wxALIGN_RIGHT, 5 );
sb_provider_id_vert->Add( sb_provider_name, 0, wxEXPAND|wxALL, 5 );
wxBoxSizer* sb_provider_helpdesk;
sb_provider_helpdesk = new wxBoxSizer( wxVERTICAL );
m_provider_helpdesk_label = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("Helpdesk contact &information:"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_helpdesk_label->Wrap( -1 );
sb_provider_helpdesk->Add( m_provider_helpdesk_label, 0, wxBOTTOM, 5 );
wxFlexGridSizer* sb_provider_helpdesk_inner;
sb_provider_helpdesk_inner = new wxFlexGridSizer( 0, 2, 0, 0 );
sb_provider_helpdesk_inner->AddGrowableCol( 1 );
sb_provider_helpdesk_inner->SetFlexibleDirection( wxBOTH );
sb_provider_helpdesk_inner->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED );
m_provider_web_icon = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _(""), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_web_icon->Wrap( -1 );
m_provider_web_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_web_icon, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT, 5 );
m_provider_web = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_web->SetToolTip( _("Your helpdesk website address") );
sb_provider_helpdesk_inner->Add( m_provider_web, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxBOTTOM, 5 );
m_provider_email_icon = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("*"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_email_icon->Wrap( -1 );
m_provider_email_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_email_icon, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT, 5 );
m_provider_email = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_email->SetToolTip( _("Your helpdesk e-mail address") );
sb_provider_helpdesk_inner->Add( m_provider_email, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxBOTTOM, 5 );
m_provider_phone_icon = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _(")"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_phone_icon->Wrap( -1 );
m_provider_phone_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_phone_icon, 0, wxALIGN_CENTER_VERTICAL|wxRIGHT, 5 );
m_provider_phone = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_phone->SetToolTip( _("Your helpdesk phone number") );
sb_provider_helpdesk_inner->Add( m_provider_phone, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 );
sb_provider_helpdesk->Add( sb_provider_helpdesk_inner, 1, wxEXPAND, 5 );
sb_provider_id_vert->Add( sb_provider_helpdesk, 1, wxEXPAND, 5 );
sb_provider_id_vert->Add( sb_provider_id_inner, 0, wxEXPAND|wxALL, 5 );
sb_provider_id_horiz->Add( sb_provider_id_vert, 1, wxEXPAND, 5 );
@@ -453,16 +564,10 @@ wxEAPProviderIdentityPanelBase::wxEAPProviderIdentityPanelBase( wxWindow* parent
this->SetSizer( sb_provider_id );
this->Layout();
// Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPProviderIdentityPanelBase::OnUpdateUI ) );
}
wxEAPProviderIdentityPanelBase::~wxEAPProviderIdentityPanelBase()
wxEAPProviderIDPanelBase::~wxEAPProviderIDPanelBase()
{
// Disconnect Events
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPProviderIdentityPanelBase::OnUpdateUI ) );
}
wxEAPProviderLockPanelBase::wxEAPProviderLockPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
@@ -480,21 +585,21 @@ wxEAPProviderLockPanelBase::wxEAPProviderLockPanelBase( wxWindow* parent, wxWind
sb_provider_lock_vert = new wxBoxSizer( wxVERTICAL );
m_provider_lock_label = new wxStaticText( sb_provider_lock->GetStaticBox(), wxID_ANY, _("Your configuration can be locked to prevent accidental modification by end-users. Users will only be allowed to enter credentials."), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_lock_label->Wrap( 446 );
m_provider_lock_label->Wrap( 445 );
sb_provider_lock_vert->Add( m_provider_lock_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_provider_name;
sb_provider_name = new wxBoxSizer( wxVERTICAL );
wxBoxSizer* sb_provider_lock_inner;
sb_provider_lock_inner = new wxBoxSizer( wxVERTICAL );
m_provider_lock = new wxCheckBox( sb_provider_lock->GetStaticBox(), wxID_ANY, _("&Lock this configuration and prevent any further modification via user interface."), wxDefaultPosition, wxDefaultSize, 0 );
sb_provider_name->Add( m_provider_lock, 0, wxEXPAND|wxBOTTOM, 5 );
sb_provider_lock_inner->Add( m_provider_lock, 0, wxEXPAND|wxBOTTOM, 5 );
m_provider_lock_note = new wxStaticText( sb_provider_lock->GetStaticBox(), wxID_ANY, _("(Warning: Once locked, you can not revert using this dialog!)"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_lock_note->Wrap( -1 );
sb_provider_name->Add( m_provider_lock_note, 0, wxALIGN_RIGHT, 5 );
sb_provider_lock_inner->Add( m_provider_lock_note, 0, wxALIGN_RIGHT, 5 );
sb_provider_lock_vert->Add( sb_provider_name, 0, wxEXPAND|wxALL, 5 );
sb_provider_lock_vert->Add( sb_provider_lock_inner, 0, wxEXPAND|wxALL, 5 );
sb_provider_lock_horiz->Add( sb_provider_lock_vert, 1, wxEXPAND, 5 );
@@ -505,14 +610,8 @@ wxEAPProviderLockPanelBase::wxEAPProviderLockPanelBase( wxWindow* parent, wxWind
this->SetSizer( sb_provider_lock );
this->Layout();
// Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPProviderLockPanelBase::OnUpdateUI ) );
}
wxEAPProviderLockPanelBase::~wxEAPProviderLockPanelBase()
{
// Disconnect Events
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPProviderLockPanelBase::OnUpdateUI ) );
}

1005
lib/EAPBase_UI/res/wxEAP_UI.fbp
View File

File diff suppressed because it is too large Load Diff

84
lib/EAPBase_UI/res/wxEAP_UI.h
View File

@@ -11,6 +11,9 @@
#include <wx/artprov.h>
#include <wx/xrc/xmlres.h>
#include <wx/intl.h>
class wxEAPCredentialsPanelBase;
#include "../include/wxEAP_UIBase.h"
class wxEAPBannerPanel;
#include <wx/gdicmn.h>
#include <wx/font.h>
@@ -30,6 +33,7 @@ class wxEAPBannerPanel;
#include <wx/radiobut.h>
#include <wx/textctrl.h>
#include <wx/statbox.h>
#include <wx/timer.h>
#include <wx/checkbox.h>
///////////////////////////////////////////////////////////////////////////
@@ -44,7 +48,9 @@ class wxEAPConfigDialogBase : public wxDialog
protected:
wxEAPBannerPanel *m_banner;
wxNotebook* m_providers;
wxButton* m_advanced;
wxButton* m_prov_add;
wxButton* m_prov_remove;
wxButton* m_prov_advanced;
wxStdDialogButtonSizer* m_buttons;
wxButton* m_buttonsOK;
wxButton* m_buttonsCancel;
@@ -52,12 +58,14 @@ class wxEAPConfigDialogBase : public wxDialog
// Virtual event handlers, overide them in your derived class
virtual void OnInitDialog( wxInitDialogEvent& event ) { event.Skip(); }
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
virtual void OnAdvanced( wxCommandEvent& event ) { event.Skip(); }
virtual void OnProvAdd( wxCommandEvent& event ) { event.Skip(); }
virtual void OnProvRemove( wxCommandEvent& event ) { event.Skip(); }
virtual void OnProvAdvanced( wxCommandEvent& event ) { event.Skip(); }
public:
wxEAPConfigDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("EAP Method Configuration"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE );
wxEAPConfigDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("EAP Connection Configuration"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE );
~wxEAPConfigDialogBase();
};
@@ -87,6 +95,31 @@ class wxEAPGeneralDialogBase : public wxDialog
};
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPCredentialsConnectionDialogBase
///////////////////////////////////////////////////////////////////////////////
class wxEAPCredentialsConnectionDialogBase : public wxDialog
{
private:
protected:
wxEAPBannerPanel *m_banner;
wxStdDialogButtonSizer* m_buttons;
wxButton* m_buttonsOK;
wxButton* m_buttonsCancel;
// Virtual event handlers, overide them in your derived class
virtual void OnInitDialog( wxInitDialogEvent& event ) { event.Skip(); }
public:
wxNotebook* m_providers;
wxEAPCredentialsConnectionDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("EAP Credentials"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE );
~wxEAPCredentialsConnectionDialogBase();
};
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPBannerPanelBase
///////////////////////////////////////////////////////////////////////////////
@@ -140,12 +173,14 @@ class wxEAPCredentialsConfigPanelBase : public wxPanel
wxRadioButton* m_preshared;
wxTextCtrl* m_preshared_identity;
wxButton* m_preshared_set;
wxTimer m_timer_own;
// Virtual event handlers, overide them in your derived class
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
virtual void OnClearOwn( wxCommandEvent& event ) { event.Skip(); }
virtual void OnSetOwn( wxCommandEvent& event ) { event.Skip(); }
virtual void OnSetPreshared( wxCommandEvent& event ) { event.Skip(); }
virtual void OnTimerOwn( wxTimerEvent& event ) { event.Skip(); }
public:
@@ -158,7 +193,7 @@ class wxEAPCredentialsConfigPanelBase : public wxPanel
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPCredentialsPassPanelBase
///////////////////////////////////////////////////////////////////////////////
class wxEAPCredentialsPassPanelBase : public wxPanel
class wxEAPCredentialsPassPanelBase : public wxEAPCredentialsPanelBase
{
private:
@@ -179,15 +214,15 @@ class wxEAPCredentialsPassPanelBase : public wxPanel
};
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPProviderIdentityPanelBase
/// Class wxEAPProviderContactInfoPanelBase
///////////////////////////////////////////////////////////////////////////////
class wxEAPProviderIdentityPanelBase : public wxPanel
class wxEAPProviderContactInfoPanelBase : public wxPanel
{
private:
protected:
wxStaticBitmap* m_provider_id_icon;
wxStaticText* m_provider_id_label;
wxStaticBitmap* m_provider_contact_icon;
wxStaticText* m_provider_contact_label;
wxStaticText* m_provider_name_label;
wxTextCtrl* m_provider_name;
wxStaticText* m_provider_name_note;
@@ -198,15 +233,32 @@ class wxEAPProviderIdentityPanelBase : public wxPanel
wxTextCtrl* m_provider_email;
wxStaticText* m_provider_phone_icon;
wxTextCtrl* m_provider_phone;
// Virtual event handlers, overide them in your derived class
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
public:
wxEAPProviderIdentityPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( 500,-1 ), long style = wxTAB_TRAVERSAL );
~wxEAPProviderIdentityPanelBase();
wxEAPProviderContactInfoPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( 500,-1 ), long style = wxTAB_TRAVERSAL );
~wxEAPProviderContactInfoPanelBase();
};
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPProviderIDPanelBase
///////////////////////////////////////////////////////////////////////////////
class wxEAPProviderIDPanelBase : public wxPanel
{
private:
protected:
wxStaticBitmap* m_provider_id_icon;
wxStaticText* m_provider_id_label_outer;
wxStaticText* m_provider_id_label;
wxTextCtrl* m_provider_id;
wxStaticText* m_provider_id_note;
public:
wxEAPProviderIDPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( 500,-1 ), long style = wxTAB_TRAVERSAL );
~wxEAPProviderIDPanelBase();
};
@@ -222,10 +274,6 @@ class wxEAPProviderLockPanelBase : public wxPanel
wxStaticText* m_provider_lock_label;
wxCheckBox* m_provider_lock;
wxStaticText* m_provider_lock_note;
// Virtual event handlers, overide them in your derived class
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
public:

123
lib/EAPBase_UI/src/EAP_UI.cpp
View File

@@ -95,7 +95,45 @@ wxEAPCredentialsDialog::wxEAPCredentialsDialog(const eap::config_provider &prov,
wxEAPGeneralDialog(parent, id, title, pos, size, style)
{
// Set banner title.
m_banner->m_title->SetLabel(wxString::Format(_("%s Credentials"), wxEAPGetProviderName(prov.m_id).c_str()));
m_banner->m_title->SetLabel(wxString::Format(_("%s Credentials"), wxEAPGetProviderName(prov.m_name).c_str()));
}
//////////////////////////////////////////////////////////////////////
// wxEAPCredentialsConnectionDialog
//////////////////////////////////////////////////////////////////////
wxEAPCredentialsConnectionDialog::wxEAPCredentialsConnectionDialog(wxWindow *parent, wxWindowID id, const wxString &title, const wxPoint &pos, const wxSize &size, long style) :
wxEAPCredentialsConnectionDialogBase(parent, id, title, pos, size, style)
{
// Set extra style here, as wxFormBuilder overrides all default flags.
this->SetExtraStyle(this->GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY);
// Load window icons.
#ifdef __WINDOWS__
wxIconBundle icons;
icons.AddIcon(wxIcon(wxT("product.ico"), wxBITMAP_TYPE_ICO_RESOURCE, ::GetSystemMetrics(SM_CXSMICON), ::GetSystemMetrics(SM_CYSMICON)));
icons.AddIcon(wxIcon(wxT("product.ico"), wxBITMAP_TYPE_ICO_RESOURCE, ::GetSystemMetrics(SM_CXICON ), ::GetSystemMetrics(SM_CYICON )));
this->SetIcons(icons);
#else
this->SetIcon(wxIcon(wxICON(product.ico)));
#endif
// Set banner title.
m_banner->m_title->SetLabel(_("EAP Credentials"));
m_buttonsOK->SetDefault();
}
void wxEAPCredentialsConnectionDialog::OnInitDialog(wxInitDialogEvent& event)
{
// Forward the event to child panels.
for (wxWindowList::compatibility_iterator provider = m_providers->GetChildren().GetFirst(); provider; provider = provider->GetNext()) {
wxWindow *prov = wxDynamicCast(provider->GetData(), wxWindow);
if (prov)
prov->GetEventHandler()->ProcessEvent(event);
}
}
@@ -223,7 +261,7 @@ wxEAPCredentialWarningPanel::wxEAPCredentialWarningPanel(const eap::config_provi
// wxEAPConfigWindow
//////////////////////////////////////////////////////////////////////
wxEAPConfigWindow::wxEAPConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
wxEAPConfigWindow::wxEAPConfigWindow(eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
m_prov(prov),
m_cfg(cfg),
wxScrolledWindow(parent, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxVSCROLL)
@@ -232,73 +270,54 @@ wxEAPConfigWindow::wxEAPConfigWindow(const eap::config_provider &prov, eap::conf
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPConfigWindow::OnInitDialog));
this->Connect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(wxEAPConfigWindow::OnUpdateUI));
}
wxEAPConfigWindow::~wxEAPConfigWindow()
{
// Disconnect Events
this->Disconnect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(wxEAPConfigWindow::OnUpdateUI));
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPConfigWindow::OnInitDialog));
}
void wxEAPConfigWindow::OnInitDialog(wxInitDialogEvent& event)
void wxEAPConfigWindow::OnInitDialog(wxInitDialogEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
// Call TransferDataToWindow() manually, as wxScrolledWindow somehow skips that.
TransferDataToWindow();
}
void wxEAPConfigWindow::OnUpdateUI(wxUpdateUIEvent& event)
{
UNREFERENCED_PARAMETER(event);
if (m_parent && m_parent->IsKindOf(wxCLASSINFO(wxNotebook))) {
// We're a notebook page. Set the ID of our provider as our page label.
wxNotebook *notebook = (wxNotebook*)m_parent;
int idx = notebook->FindPage(this);
if (idx != wxNOT_FOUND)
notebook->SetPageText(idx, wxEAPGetProviderName(m_prov.m_id));
} else
this->SetLabel(wxEAPGetProviderName(m_prov.m_id));
}
//////////////////////////////////////////////////////////////////////
// wxEAPProviderIdentityPanel
// wxEAPProviderContactInfoPanel
//////////////////////////////////////////////////////////////////////
wxEAPProviderIdentityPanel::wxEAPProviderIdentityPanel(eap::config_provider &prov, wxWindow* parent) :
wxEAPProviderContactInfoPanel::wxEAPProviderContactInfoPanel(eap::config_provider &prov, wxWindow* parent) :
m_prov(prov),
wxEAPProviderIdentityPanelBase(parent)
wxEAPProviderContactInfoPanelBase(parent)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
m_provider_id_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(259)));
m_provider_contact_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(259)));
}
bool wxEAPProviderIdentityPanel::TransferDataToWindow()
bool wxEAPProviderContactInfoPanel::TransferDataToWindow()
{
m_provider_name ->SetValue(m_prov.m_id );
m_provider_name ->SetValue(m_prov.m_name );
m_provider_web ->SetValue(m_prov.m_help_web );
m_provider_email->SetValue(m_prov.m_help_email);
m_provider_phone->SetValue(m_prov.m_help_phone);
return wxEAPProviderIdentityPanelBase::TransferDataToWindow();
return wxEAPProviderContactInfoPanelBase::TransferDataToWindow();
}
bool wxEAPProviderIdentityPanel::TransferDataFromWindow()
bool wxEAPProviderContactInfoPanel::TransferDataFromWindow()
{
wxCHECK(wxEAPProviderIdentityPanelBase::TransferDataFromWindow(), false);
wxCHECK(wxEAPProviderContactInfoPanelBase::TransferDataFromWindow(), false);
m_prov.m_id = m_provider_name ->GetValue();
m_prov.m_name = m_provider_name ->GetValue();
m_prov.m_help_web = m_provider_web ->GetValue();
m_prov.m_help_email = m_provider_email->GetValue();
m_prov.m_help_phone = m_provider_phone->GetValue();
@@ -307,6 +326,39 @@ bool wxEAPProviderIdentityPanel::TransferDataFromWindow()
}
//////////////////////////////////////////////////////////////////////
// wxEAPProviderIDPanel
//////////////////////////////////////////////////////////////////////
wxEAPProviderIDPanel::wxEAPProviderIDPanel(eap::config_provider &prov, wxWindow* parent) :
m_prov(prov),
wxEAPProviderIDPanelBase(parent)
{
// Load and set icon.
winstd::library lib_shell32;
if (lib_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
m_provider_id_icon->SetIcon(wxLoadIconFromResource(lib_shell32, MAKEINTRESOURCE(29)));
}
bool wxEAPProviderIDPanel::TransferDataToWindow()
{
m_provider_id->SetValue(m_prov.m_id);
return wxEAPProviderIDPanelBase::TransferDataToWindow();
}
bool wxEAPProviderIDPanel::TransferDataFromWindow()
{
wxCHECK(wxEAPProviderIDPanelBase::TransferDataFromWindow(), false);
m_prov.m_id = m_provider_id->GetValue();
return true;
}
//////////////////////////////////////////////////////////////////////
// wxEAPProviderLockPanel
//////////////////////////////////////////////////////////////////////
@@ -351,13 +403,16 @@ wxEAPConfigProvider::wxEAPConfigProvider(eap::config_provider &prov, wxWindow *p
// Set banner title.
m_banner->m_title->SetLabel(title);
m_identity = new wxEAPProviderIdentityPanel(prov, this);
m_contact = new wxEAPProviderContactInfoPanel(prov, this);
AddContent(m_contact);
m_identity = new wxEAPProviderIDPanel(prov, this);
AddContent(m_identity);
m_lock = new wxEAPProviderLockPanel(prov, this);
AddContent(m_lock);
m_identity->m_provider_name->SetFocusFromKbd();
m_contact->m_provider_name->SetFocusFromKbd();
}

1
lib/Events/build/Events.props
View File

@@ -10,6 +10,7 @@
<ItemDefinitionGroup>
<ResourceCompile>
<AdditionalIncludeDirectories>temp\Events.$(Platform).$(Configuration).$(PlatformToolset);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>AFX_TARG_NEU;AFX_TARG_ENU;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ResourceCompile>
</ItemDefinitionGroup>
<ItemGroup />

BIN
lib/Events/res/EventsETW.man
View File

Binary file not shown.

2
lib/PAP/build/PAP.vcxproj
View File

@@ -81,11 +81,13 @@
<ItemGroup>
<ClInclude Include="..\include\Config.h" />
<ClInclude Include="..\include\Credentials.h" />
<ClInclude Include="..\include\Method.h" />
<ClInclude Include="..\src\StdAfx.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\src\Config.cpp" />
<ClCompile Include="..\src\Credentials.cpp" />
<ClCompile Include="..\src\Method.cpp" />
<ClCompile Include="..\src\StdAfx.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>

6
lib/PAP/build/PAP.vcxproj.filters
View File

@@ -20,6 +20,9 @@
<ClInclude Include="..\include\Credentials.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\include\Method.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\src\StdAfx.cpp">
@@ -31,5 +34,8 @@
<ClCompile Include="..\src\Credentials.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\Method.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
</Project>

10
lib/PAP/include/Config.h
View File

@@ -95,5 +95,15 @@ namespace eap
/// \returns `eap::type_pap`
///
virtual winstd::eap_type_t get_method_id() const;
///
/// Returns a string \c L"PAP"
///
virtual const wchar_t* get_method_str() const;
///
/// Creates a blank set of credentials suitable for this method
///
virtual credentials* make_credentials() const;
};
}

17
lib/PAP/include/Credentials.h
View File

@@ -105,17 +105,18 @@ namespace eap
/// 2. Pre-configured credentials
/// 3. Stored credentials
///
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL)
/// \param[in] cfg Method configuration
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL, must be credentials_pap* type)
/// \param[in] cfg Method configuration (must be config_method_pap type)
/// \param[in] pszTargetName The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
///
/// \returns
/// - \c true if credentials were set;
/// - \c false otherwise
/// - \c source_cache Credentials were obtained from EapHost cache
/// - \c source_preshared Credentials were set by method configuration
/// - \c source_storage Credentials were loaded from Windows Credential Manager
///
source_t combine(
_In_ const credentials_pap *cred_cached,
_In_ const config_method_pap &cfg,
_In_opt_z_ LPCTSTR pszTargetName);
virtual source_t combine(
_In_ const credentials *cred_cached,
_In_ const config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName);
};
}

167
lib/PAP/include/Method.h Normal file
View File

@@ -0,0 +1,167 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 G<>ANT
This file is part of G<>ANTLink.
G<>ANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
G<>ANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with G<>ANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
namespace eap
{
///
/// PAP method
///
class method_pap;
}
#pragma once
#include "Config.h"
#include "Credentials.h"
#include "../../EAPBase/include/Method.h"
namespace eap
{
class method_pap : public method
{
public:
///
/// EAP-PAP packet (data)
///
class packet
{
public:
///
/// Constructs an empty packet
///
packet();
///
/// Copies a packet
///
/// \param[in] other Packet to copy from
///
packet(_In_ const packet &other);
///
/// Moves a packet
///
/// \param[in] other Packet to move from
///
packet(_Inout_ packet &&other);
///
/// Copies a packet
///
/// \param[in] other Packet to copy from
///
/// \returns Reference to this object
///
packet& operator=(_In_ const packet &other);
///
/// Moves a packet
///
/// \param[in] other Packet to move from
///
/// \returns Reference to this object
///
packet& operator=(_Inout_ packet &&other);
///
/// Empty the packet
///
void clear();
public:
EapCode m_code; ///< Packet code
unsigned char m_id; ///< Packet ID
sanitizing_blob m_data; ///< Packet data
};
public:
///
/// Constructs an EAP method
///
/// \param[in] mod EAP module to use for global services
/// \param[in] cfg Method configuration
/// \param[in] cred User credentials
///
method_pap(_In_ module &module, _In_ config_method_pap &cfg, _In_ credentials_pap &cred);
///
/// Moves an EAP method
///
/// \param[in] other EAP method to move from
///
method_pap(_Inout_ method_pap &&other);
///
/// Moves an EAP method
///
/// \param[in] other EAP method to move from
///
/// \returns Reference to this object
///
method_pap& operator=(_Inout_ method_pap &&other);
/// \name Packet processing
/// @{
///
/// Processes a packet received by EapHost from a supplicant.
///
/// \sa [EapPeerProcessRequestPacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363621.aspx)
///
virtual void process_request_packet(
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_In_ DWORD dwReceivedPacketSize,
_Inout_ EapPeerMethodOutput *pEapOutput);
///
/// Obtains a response packet from the EAP method.
///
/// \sa [EapPeerGetResponsePacket function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363610.aspx)
///
virtual void get_response_packet(
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Inout_ DWORD *pdwSendPacketSize);
///
/// Obtains the result of an authentication session from the EAP method.
///
/// \sa [EapPeerGetResult function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363611.aspx)
///
virtual void get_result(
_In_ EapPeerMethodResultReason reason,
_Inout_ EapPeerMethodResult *ppResult);
/// @}
protected:
credentials_pap &m_cred; ///< EAP-TLS user credentials
packet m_packet_res; ///< Response packet
enum {
phase_unknown = -1, ///< Unknown phase
phase_init = 0, ///< Handshake initialize
phase_finished, ///< Connection shut down
} m_phase, m_phase_prev; ///< What phase is our communication at?
};
}

12
lib/PAP/src/Config.cpp
View File

@@ -74,3 +74,15 @@ eap_type_t eap::config_method_pap::get_method_id() const
{
return eap_type_pap;
}
const wchar_t* eap::config_method_pap::get_method_str() const
{
return L"PAP";
}
eap::credentials* eap::config_method_pap::make_credentials() const
{
return new credentials_pap(m_module);
}

8
lib/PAP/src/Credentials.cpp
View File

@@ -76,13 +76,13 @@ LPCTSTR eap::credentials_pap::target_suffix() const
eap::credentials::source_t eap::credentials_pap::combine(
_In_ const credentials_pap *cred_cached,
_In_ const config_method_pap &cfg,
_In_opt_z_ LPCTSTR pszTargetName)
_In_ const credentials *cred_cached,
_In_ const config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName)
{
if (cred_cached) {
// Using EAP service cached credentials.
*this = *cred_cached;
*this = *(credentials_pap*)cred_cached;
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED1, event_data((unsigned int)eap_type_pap), event_data(credentials_pap::get_name()), event_data::blank);
return source_cache;
}

283
lib/PAP/src/Method.cpp Normal file
View File

@@ -0,0 +1,283 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 G<>ANT
This file is part of G<>ANTLink.
G<>ANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
G<>ANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with G<>ANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
using namespace std;
using namespace winstd;
//////////////////////////////////////////////////////////////////////
// eap::method_pap::packet
//////////////////////////////////////////////////////////////////////
eap::method_pap::packet::packet() :
m_code((EapCode)0),
m_id(0)
{
}
eap::method_pap::packet::packet(_In_ const packet &other) :
m_code(other.m_code),
m_id (other.m_id ),
m_data(other.m_data)
{
}
eap::method_pap::packet::packet(_Inout_ packet &&other) :
m_code(std::move(other.m_code)),
m_id (std::move(other.m_id )),
m_data(std::move(other.m_data))
{
}
eap::method_pap::packet& eap::method_pap::packet::operator=(_In_ const packet &other)
{
if (this != std::addressof(other)) {
m_code = other.m_code;
m_id = other.m_id ;
m_data = other.m_data;
}
return *this;
}
eap::method_pap::packet& eap::method_pap::packet::operator=(_Inout_ packet &&other)
{
if (this != std::addressof(other)) {
m_code = std::move(other.m_code);
m_id = std::move(other.m_id );
m_data = std::move(other.m_data);
}
return *this;
}
void eap::method_pap::packet::clear()
{
m_code = (EapCode)0;
m_id = 0;
m_data.clear();
}
//////////////////////////////////////////////////////////////////////
// eap::method_pap
//////////////////////////////////////////////////////////////////////
eap::method_pap::method_pap(_In_ module &module, _In_ config_method_pap &cfg, _In_ credentials_pap &cred) :
m_cred(cred),
m_phase(phase_unknown),
m_phase_prev(phase_unknown),
method(module, cfg, cred)
{
}
eap::method_pap::method_pap(_Inout_ method_pap &&other) :
m_cred ( other.m_cred ),
m_packet_res(std::move(other.m_packet_res)),
m_phase (std::move(other.m_phase )),
m_phase_prev(std::move(other.m_phase_prev)),
method (std::move(other ))
{
}
eap::method_pap& eap::method_pap::operator=(_Inout_ method_pap &&other)
{
if (this != std::addressof(other)) {
assert(std::addressof(m_cred) == std::addressof(other.m_cred)); // Move method with same credentials only!
(method&)*this = std::move(other );
m_packet_res = std::move(other.m_packet_res);
m_phase = std::move(other.m_phase );
m_phase_prev = std::move(other.m_phase_prev);
}
return *this;
}
void eap::method_pap::process_request_packet(
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_In_ DWORD dwReceivedPacketSize,
_Inout_ EapPeerMethodOutput *pEapOutput)
{
assert(pReceivedPacket && dwReceivedPacketSize >= 4);
assert(pEapOutput);
m_module.log_event(&EAPMETHOD_PACKET_RECV, event_data((unsigned int)eap_type_pap), event_data((unsigned int)dwReceivedPacketSize - 4), event_data::blank);
if (pReceivedPacket->Id == 0) {
m_module.log_event(&EAPMETHOD_METHOD_HANDSHAKE_START2, event_data((unsigned int)eap_type_pap), event_data::blank);
m_phase = phase_init;
}
m_phase_prev = m_phase;
switch (m_phase) {
case phase_init: {
// Convert username and password to UTF-8.
sanitizing_string identity_utf8, password_utf8;
WideCharToMultiByte(CP_UTF8, 0, m_cred.m_identity.c_str(), (int)m_cred.m_identity.length(), identity_utf8, NULL, NULL);
WideCharToMultiByte(CP_UTF8, 0, m_cred.m_password.c_str(), (int)m_cred.m_password.length(), password_utf8, NULL, NULL);
// PAP passwords must be padded to 16B boundary according to RFC 5281. Will not add random extra padding here, as length obfuscation should be done by outer transport layers.
size_t padding_password_ex = (16 - password_utf8.length()) % 16;
password_utf8.append(padding_password_ex, 0);
size_t
size_identity = identity_utf8.length(),
size_password = password_utf8.length(),
padding_identity = (4 - size_identity ) % 4,
padding_password = (4 - password_utf8.length()) % 4,
size_identity_outer,
size_password_outer;
m_packet_res.m_code = EapCodeResponse;
m_packet_res.m_id = pReceivedPacket->Id;
m_packet_res.m_data.clear();
m_packet_res.m_data.reserve(
(size_identity_outer =
4 + // Diameter AVP Code
4 + // Diameter AVP Flags & Length
size_identity) + // Identity
padding_identity + // Identity padding
(size_password_outer =
4 + // Diameter AVP Code
4 + // Diameter AVP Flags & Length
size_password) + // Password
padding_password); // Password padding
// Diameter AVP Code User-Name (0x00000001)
m_packet_res.m_data.push_back(0x00);
m_packet_res.m_data.push_back(0x00);
m_packet_res.m_data.push_back(0x00);
m_packet_res.m_data.push_back(0x01);
// Diameter AVP Flags & Length
unsigned int identity_hdr = htonl((diameter_avp_flag_mandatory << 24) | (unsigned int)size_identity_outer);
m_packet_res.m_data.insert(m_packet_res.m_data.end(), (unsigned char*)&identity_hdr, (unsigned char*)(&identity_hdr + 1));
// Identity
m_packet_res.m_data.insert(m_packet_res.m_data.end(), identity_utf8.begin(), identity_utf8.end());
m_packet_res.m_data.insert(m_packet_res.m_data.end(), padding_identity, 0);
// Diameter AVP Code User-Password (0x00000002)
m_packet_res.m_data.push_back(0x00);
m_packet_res.m_data.push_back(0x00);
m_packet_res.m_data.push_back(0x00);
m_packet_res.m_data.push_back(0x02);
// Diameter AVP Flags & Length
unsigned int password_hdr = htonl((diameter_avp_flag_mandatory << 24) | (unsigned int)size_password_outer);
m_packet_res.m_data.insert(m_packet_res.m_data.end(), (unsigned char*)&password_hdr, (unsigned char*)(&password_hdr + 1));
// Password
m_packet_res.m_data.insert(m_packet_res.m_data.end(), password_utf8.begin(), password_utf8.end());
m_packet_res.m_data.insert(m_packet_res.m_data.end(), padding_password, 0);
m_phase = phase_finished;
break;
}
case phase_finished:
break;
}
pEapOutput->fAllowNotifications = TRUE;
pEapOutput->action = EapPeerMethodResponseActionSend;
}
void eap::method_pap::get_response_packet(
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Inout_ DWORD *pdwSendPacketSize)
{
assert(pdwSendPacketSize);
assert(pSendPacket);
unsigned int
size_data = (unsigned int)m_packet_res.m_data.size(),
size_packet = size_data + 4;
unsigned short size_packet_limit = (unsigned short)std::min<unsigned int>(*pdwSendPacketSize, USHRT_MAX);
// Not fragmented.
if (size_packet <= size_packet_limit) {
// No need to fragment the packet.
m_module.log_event(&EAPMETHOD_PACKET_SEND, event_data((unsigned int)eap_type_pap), event_data((unsigned int)size_data), event_data::blank);
} else {
// But it should be fragmented.
throw com_runtime_error(TYPE_E_SIZETOOBIG, __FUNCTION__ " PAP message exceeds 64kB.");
}
pSendPacket->Code = (BYTE)m_packet_res.m_code;
pSendPacket->Id = m_packet_res.m_id;
*(unsigned short*)pSendPacket->Length = htons((unsigned short)size_packet);
memcpy(pSendPacket->Data, m_packet_res.m_data.data(), size_data);
m_packet_res.m_data.erase(m_packet_res.m_data.begin(), m_packet_res.m_data.begin() + size_data);
*pdwSendPacketSize = size_packet;
}
void eap::method_pap::get_result(
_In_ EapPeerMethodResultReason reason,
_Inout_ EapPeerMethodResult *ppResult)
{
assert(ppResult);
switch (reason) {
case EapPeerMethodResultSuccess: {
m_module.log_event(&EAPMETHOD_METHOD_SUCCESS, event_data((unsigned int)eap_type_pap), event_data::blank);
m_cfg.m_auth_failed = false;
ppResult->fIsSuccess = TRUE;
ppResult->dwFailureReasonCode = ERROR_SUCCESS;
break;
}
case EapPeerMethodResultFailure:
m_module.log_event(
m_phase_prev < phase_finished ? &EAPMETHOD_METHOD_FAILURE_INIT : &EAPMETHOD_METHOD_FAILURE,
event_data((unsigned int)eap_type_pap), event_data::blank);
// Mark credentials as failed, so GUI can re-prompt user.
// But be careful: do so only after credentials were actually tried.
m_cfg.m_auth_failed = m_phase == phase_finished;
// Do not report failure to EapHost, as it will not save updated configuration then. But we need it to save it, to alert user on next connection attempt.
// EapHost is well aware of the failed condition.
//ppResult->fIsSuccess = FALSE;
//ppResult->dwFailureReasonCode = EAP_E_AUTHENTICATION_FAILED;
break;
default:
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
// Always ask EAP host to save the connection data.
ppResult->fSaveConnectionData = TRUE;
}

4
lib/PAP/src/StdAfx.h
View File

@@ -22,3 +22,7 @@
#include "../include/Config.h"
#include "../include/Credentials.h"
#include "../include/Method.h"
#include <Windows.h>
#include <EapHostError.h> // include after Windows.h

10
lib/TLS/include/Config.h
View File

@@ -162,6 +162,16 @@ namespace eap
///
virtual winstd::eap_type_t get_method_id() const;
///
/// Returns a string \c L"EAP-TLS"
///
virtual const wchar_t* get_method_str() const;
///
/// Creates a blank set of credentials suitable for this method
///
virtual credentials* make_credentials() const;
///
/// Adds CA to the list of trusted root CA's
///

17
lib/TLS/include/Credentials.h
View File

@@ -187,18 +187,19 @@ namespace eap
/// 2. Pre-configured credentials
/// 3. Stored credentials
///
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL)
/// \param[in] cfg Method configuration
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL, must be credentials_tls* type)
/// \param[in] cfg Method configuration (must be config_method_tls type)
/// \param[in] pszTargetName The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
///
/// \returns
/// - \c true if credentials were set;
/// - \c false otherwise
/// - \c source_cache Credentials were obtained from EapHost cache
/// - \c source_preshared Credentials were set by method configuration
/// - \c source_storage Credentials were loaded from Windows Credential Manager
///
source_t combine(
_In_ const credentials_tls *cred_cached,
_In_ const config_method_tls &cfg,
_In_opt_z_ LPCTSTR pszTargetName);
virtual source_t combine(
_In_ const credentials *cred_cached,
_In_ const config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName);
public:
winstd::cert_context m_cert; ///< Client certificate

20
lib/TLS/include/Method.h
View File

@@ -146,10 +146,10 @@ namespace eap
/// Constructs an EAP method
///
/// \param[in] mod EAP module to use for global services
/// \param[in] cfg Connection configuration
/// \param[in] cfg Method configuration
/// \param[in] cred User credentials
///
method_tls(_In_ module &module, _In_ config_connection &cfg, _In_ credentials_tls &cred);
method_tls(_In_ module &module, _In_ config_method_tls &cfg, _In_ credentials_tls &cred);
///
/// Moves an EAP method
@@ -158,11 +158,6 @@ namespace eap
///
method_tls(_Inout_ method_tls &&other);
///
/// Destructor
///
virtual ~method_tls();
///
/// Moves an EAP method
///
@@ -367,12 +362,12 @@ namespace eap
/// Process handshake
///
void process_handshake();
#endif
///
/// Process application data
///
void process_application_data();
#endif
///
/// Processes a TLS application_data message
@@ -490,6 +485,7 @@ namespace eap
#endif
protected:
config_method_tls &m_cfg; ///< EAP-TLS method configuration
credentials_tls &m_cred; ///< EAP-TLS user credentials
HANDLE m_user_ctx; ///< Handle to user context
@@ -551,13 +547,5 @@ namespace eap
phase_shutdown, ///< Connection shut down
} m_phase, m_phase_prev; ///< What phase is our communication at?
#endif
// The following members are required to avoid memory leakage in get_result()
EAP_ATTRIBUTES m_eap_attr_desc; ///< EAP Radius attributes descriptor
std::vector<winstd::eap_attr> m_eap_attr; ///< EAP Radius attributes
BYTE *m_blob_cfg; ///< Configuration BLOB
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
BYTE *m_blob_cred; ///< Credentials BLOB
#endif
};
}

23
lib/TLS/src/Config.cpp
View File

@@ -141,27 +141,26 @@ void eap::config_method_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *
config_method_with_cred::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
// <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential)))
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), namespace_eapmetadata, &pXmlElServerSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerSideCredential> element.");
for (list<cert_context>::const_iterator i = m_trusted_root_ca.begin(), i_end = m_trusted_root_ca.end(); i != i_end; ++i) {
// <CA>
com_obj<IXMLDOMElement> pXmlElCA;
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA)))
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"CA"), namespace_eapmetadata, &pXmlElCA)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <CA> element.");
// <CA>/<format>
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM"))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), namespace_eapmetadata, bstr(L"PEM"))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <format> element.");
// <CA>/<cert-data>
const cert_context &cc = *i;
if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded)))
if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), namespace_eapmetadata, cc->pbCertEncoded, cc->cbCertEncoded)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <cert-data> element.");
if (FAILED(hr = pXmlElServerSideCredential->appendChild(pXmlElCA, NULL)))
@@ -170,7 +169,7 @@ void eap::config_method_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *
// <ServerName>
for (list<wstring>::const_iterator i = m_server_names.begin(), i_end = m_server_names.end(); i != i_end; ++i) {
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(*i))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), namespace_eapmetadata, bstr(*i))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerName> element.");
}
}
@@ -292,6 +291,18 @@ eap_type_t eap::config_method_tls::get_method_id() const
}
const wchar_t* eap::config_method_tls::get_method_str() const
{
return L"EAP-TLS";
}
eap::credentials* eap::config_method_tls::make_credentials() const
{
return new credentials_tls(m_module);
}
bool eap::config_method_tls::add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded)
{
cert_context cert;

105
lib/TLS/src/Credentials.cpp
View File

@@ -84,7 +84,7 @@ void eap::credentials_tls::clear()
bool eap::credentials_tls::empty() const
{
return credentials::empty() && !m_cert;
return !m_cert;
}
@@ -95,26 +95,22 @@ void eap::credentials_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pC
credentials::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
// <ClientCertificate>
com_obj<IXMLDOMElement> pXmlElClientCertificate;
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"ClientCertificate"), bstrNamespace, &pXmlElClientCertificate)))
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ClientCertificate"), bstr(L"ClientCertificate"), namespace_eapmetadata, &pXmlElClientCertificate)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ClientCertificate> element.");
if (m_cert) {
// <ClientCertificate>/<format>
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientCertificate, bstr(L"format"), bstrNamespace, bstr(L"PEM"))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientCertificate, bstr(L"format"), namespace_eapmetadata, bstr(L"PEM"))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <format> element.");
// <ClientCertificate>/<cert-data>
if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElClientCertificate, bstr(L"cert-data"), bstrNamespace, m_cert->pbCertEncoded, m_cert->cbCertEncoded)))
if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElClientCertificate, bstr(L"cert-data"), namespace_eapmetadata, m_cert->pbCertEncoded, m_cert->cbCertEncoded)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <cert-data> element.");
}
if (FAILED(hr = pConfigRoot->appendChild(pXmlElClientCertificate, NULL)))
throw com_runtime_error(hr, __FUNCTION__ " Error appending <ClientCertificate> element.");
}
@@ -174,12 +170,14 @@ void eap::credentials_tls::store(_In_z_ LPCTSTR pszTargetName) const
{
assert(pszTargetName);
// Encrypt the certificate using user's key.
DATA_BLOB cred_blob = { m_cert->cbCertEncoded, m_cert->pbCertEncoded };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_enc;
if (!CryptProtectData(&cred_blob, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, &cred_enc))
throw win_runtime_error(__FUNCTION__ " CryptProtectData failed.");
if (m_cert) {
// Encrypt the certificate using user's key.
DATA_BLOB cred_blob = { m_cert->cbCertEncoded, m_cert->pbCertEncoded };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
if (!CryptProtectData(&cred_blob, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, &cred_enc))
throw win_runtime_error(__FUNCTION__ " CryptProtectData failed.");
}
tstring target(target_name(pszTargetName));
@@ -214,17 +212,20 @@ void eap::credentials_tls::retrieve(_In_z_ LPCTSTR pszTargetName)
if (!CredRead(target_name(pszTargetName).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred))
throw win_runtime_error(__FUNCTION__ " CredRead failed.");
// Decrypt the certificate using user's key.
DATA_BLOB cred_enc = { cred->CredentialBlobSize, cred->CredentialBlob };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_int;
if (!CryptUnprotectData(&cred_enc, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN | CRYPTPROTECT_VERIFY_PROTECTION, &cred_int))
throw win_runtime_error(__FUNCTION__ " CryptUnprotectData failed.");
if (cred->CredentialBlobSize) {
// Decrypt the certificate using user's key.
DATA_BLOB cred_enc = { cred->CredentialBlobSize, cred->CredentialBlob };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_int;
if (!CryptUnprotectData(&cred_enc, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN | CRYPTPROTECT_VERIFY_PROTECTION, &cred_int))
throw win_runtime_error(__FUNCTION__ " CryptUnprotectData failed.");
bool bResult = m_cert.create(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, cred_int.pbData, cred_int.cbData);
SecureZeroMemory(cred_int.pbData, cred_int.cbData);
if (!bResult)
throw win_runtime_error(__FUNCTION__ " Error loading certificate.");
bool bResult = m_cert.create(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, cred_int.pbData, cred_int.cbData);
SecureZeroMemory(cred_int.pbData, cred_int.cbData);
if (!bResult)
throw win_runtime_error(__FUNCTION__ " Error loading certificate.");
} else
m_cert.free();
if (cred->UserName)
m_identity = cred->UserName;
@@ -248,30 +249,64 @@ std::wstring eap::credentials_tls::get_identity() const
if (!m_identity.empty()) {
return m_identity;
} else if (m_cert) {
wstring identity;
CertGetNameString(m_cert, CERT_NAME_EMAIL_TYPE, 0, NULL, identity);
return identity;
} else
return L"";
for (DWORD idx_ext = 0; idx_ext < m_cert->pCertInfo->cExtension; idx_ext++) {
unique_ptr<CERT_ALT_NAME_INFO, LocalFree_delete<CERT_ALT_NAME_INFO> > san_info;
if (strcmp(m_cert->pCertInfo->rgExtension[idx_ext].pszObjId, szOID_SUBJECT_ALT_NAME2) == 0) {
unsigned char *output = NULL;
DWORD size_output;
if (!CryptDecodeObjectEx(
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
szOID_SUBJECT_ALT_NAME2,
m_cert->pCertInfo->rgExtension[idx_ext].Value.pbData, m_cert->pCertInfo->rgExtension[idx_ext].Value.cbData,
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_ENABLE_PUNYCODE_FLAG,
NULL,
&output, &size_output))
throw win_runtime_error(__FUNCTION__ " Error decoding subjectAltName2 certificate extension.");
san_info.reset((CERT_ALT_NAME_INFO*)output);
} else if (strcmp(m_cert->pCertInfo->rgExtension[idx_ext].pszObjId, szOID_SUBJECT_ALT_NAME) == 0) {
unsigned char *output = NULL;
DWORD size_output;
if (!CryptDecodeObjectEx(
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
szOID_SUBJECT_ALT_NAME,
m_cert->pCertInfo->rgExtension[idx_ext].Value.pbData, m_cert->pCertInfo->rgExtension[idx_ext].Value.cbData,
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_ENABLE_PUNYCODE_FLAG,
NULL,
&output, &size_output))
throw win_runtime_error(__FUNCTION__ " Error decoding subjectAltName certificate extension.");
san_info.reset((CERT_ALT_NAME_INFO*)output);
} else {
// Skip this extension.
continue;
}
for (DWORD idx_entry = 0; idx_entry < san_info->cAltEntry; idx_entry++) {
if (san_info->rgAltEntry[idx_entry].dwAltNameChoice == CERT_ALT_NAME_RFC822_NAME)
return san_info->rgAltEntry[idx_entry].pwszRfc822Name;
}
}
}
return L"";
}
eap::credentials::source_t eap::credentials_tls::combine(
_In_ const credentials_tls *cred_cached,
_In_ const config_method_tls &cfg,
_In_opt_z_ LPCTSTR pszTargetName)
_In_ const credentials *cred_cached,
_In_ const config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName)
{
if (cred_cached) {
// Using EAP service cached credentials.
*this = *cred_cached;
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank);
*this = *(credentials_tls*)cred_cached;
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED2, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data(pszTargetName), event_data::blank);
return source_cache;
}
if (cfg.m_use_preshared) {
// Using preshared credentials.
*this = *(credentials_tls*)cfg.m_preshared.get();
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_PRESHARED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank);
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_PRESHARED2, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data(pszTargetName), event_data::blank);
return source_preshared;
}
@@ -282,7 +317,7 @@ eap::credentials::source_t eap::credentials_tls::combine(
// Using stored credentials.
*this = std::move(cred_loaded);
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_STORED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank);
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_STORED2, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data(pszTargetName), event_data::blank);
return source_storage;
} catch (...) {
// Not actually an error.

206
lib/TLS/src/Method.cpp
View File

@@ -125,7 +125,8 @@ void eap::method_tls::packet::clear()
// eap::method_tls
//////////////////////////////////////////////////////////////////////
eap::method_tls::method_tls(_In_ module &module, _In_ config_connection &cfg, _In_ credentials_tls &cred) :
eap::method_tls::method_tls(_In_ module &module, _In_ config_method_tls &cfg, _In_ credentials_tls &cred) :
m_cfg(cfg),
m_cred(cred),
m_user_ctx(NULL),
#if EAP_TLS < EAP_TLS_SCHANNEL
@@ -135,10 +136,6 @@ eap::method_tls::method_tls(_In_ module &module, _In_ config_connection &cfg, _I
#else
m_phase(phase_unknown),
m_phase_prev(phase_unknown),
#endif
m_blob_cfg(NULL),
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
m_blob_cred(NULL),
#endif
method(module, cfg, cred)
{
@@ -153,6 +150,7 @@ eap::method_tls::method_tls(_In_ module &module, _In_ config_connection &cfg, _I
eap::method_tls::method_tls(_Inout_ method_tls &&other) :
m_cred ( other.m_cred ),
m_cfg ( other.m_cfg ),
m_user_ctx (std::move(other.m_user_ctx )),
m_packet_req (std::move(other.m_packet_req )),
m_packet_res (std::move(other.m_packet_res )),
@@ -199,18 +197,6 @@ eap::method_tls::method_tls(_Inout_ method_tls &&other) :
}
eap::method_tls::~method_tls()
{
if (m_blob_cfg)
m_module.free_memory(m_blob_cfg);
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
if (m_blob_cred)
m_module.free_memory(m_blob_cred);
#endif
}
eap::method_tls& eap::method_tls::operator=(_Inout_ method_tls &&other)
{
if (this != std::addressof(other)) {
@@ -273,13 +259,6 @@ void eap::method_tls::begin_session(
m_user_ctx = hTokenImpersonateUser;
user_impersonator impersonating(m_user_ctx);
// Get method configuration.
if (m_cfg.m_providers.empty() || m_cfg.m_providers.front().m_methods.empty())
throw invalid_argument(__FUNCTION__ " Configuration has no providers and/or methods.");
const config_provider &cfg_prov(m_cfg.m_providers.front());
const config_method_tls *cfg_method = dynamic_cast<const config_method_tls*>(cfg_prov.m_methods.front().get());
assert(cfg_method);
#if EAP_TLS < EAP_TLS_SCHANNEL
// Create cryptographics provider for support needs (handshake hashing, client random, temporary keys...).
if (!m_cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
@@ -291,13 +270,13 @@ void eap::method_tls::begin_session(
throw win_runtime_error(__FUNCTION__ " Error creating exponent-of-one key.");
// Restore previous session ID and master secret. We might get lucky.
m_session_id = cfg_method->m_session_id;
m_master_secret = cfg_method->m_master_secret;
m_session_id = m_cfg.m_session_id;
m_master_secret = m_cfg.m_master_secret;
#else
// Build (expected) server name(s) for Schannel.
m_sc_target_name.clear();
for (list<wstring>::const_iterator name = cfg_method->m_server_names.cbegin(), name_end = cfg_method->m_server_names.cend(); name != name_end; ++name) {
if (name != cfg_method->m_server_names.cbegin())
for (list<wstring>::const_iterator name = m_cfg.m_server_names.cbegin(), name_end = m_cfg.m_server_names.cend(); name != name_end; ++name) {
if (name != m_cfg.m_server_names.cbegin())
m_sc_target_name += _T(';');
#ifdef _UNICODE
m_sc_target_name.insert(m_sc_target_name.end(), name->begin(), name->end());
@@ -311,30 +290,30 @@ void eap::method_tls::begin_session(
// Prepare client credentials for Schannel.
PCCERT_CONTEXT certs[] = { m_cred.m_cert ? m_cred.m_cert : NULL };
SCHANNEL_CRED cred = {
SCHANNEL_CRED_VERSION, // dwVersion
m_cred.m_cert ? 1 : 0, // cCreds
certs, // paCred
NULL, // hRootStore: Not valid for client credentials
0, // cMappers
NULL, // aphMappers
0, // cSupportedAlgs: Use system configured default
NULL, // palgSupportedAlgs: Use system configured default
0, // grbitEnabledProtocols: Use default
0, // dwMinimumCipherStrength: Use system configured default
0, // dwMaximumCipherStrength: Use system configured default
0, // dwSessionLifespan: Use system configured default = 10hr
SCHANNEL_CRED_VERSION, // dwVersion
m_cred.m_cert ? 1 : 0, // cCreds
certs, // paCred
NULL, // hRootStore: Not valid for client credentials
0, // cMappers
NULL, // aphMappers
0, // cSupportedAlgs: Use system configured default
NULL, // palgSupportedAlgs: Use system configured default
SP_PROT_TLS1_X_CLIENT | (SP_PROT_TLS1_2_CLIENT<<2), // grbitEnabledProtocols: TLS 1.x
0, // dwMinimumCipherStrength: Use system configured default
0, // dwMaximumCipherStrength: Use system configured default
0, // dwSessionLifespan: Use system configured default = 10hr
#if EAP_TLS >= EAP_TLS_SCHANNEL_FULL
SCH_CRED_AUTO_CRED_VALIDATION | // dwFlags: Let Schannel verify server certificate
SCH_CRED_AUTO_CRED_VALIDATION | // dwFlags: Let Schannel verify server certificate
#else
SCH_CRED_MANUAL_CRED_VALIDATION | // dwFlags: Prevent Schannel verify server certificate (we want to use custom root CA store and multiple name checking)
SCH_CRED_MANUAL_CRED_VALIDATION | // dwFlags: Prevent Schannel verify server certificate (we want to use custom root CA store and multiple name checking)
#endif
SCH_CRED_CACHE_ONLY_URL_RETRIEVAL_ON_CREATE | // dwFlags: Do not attempt online revocation check - we do not expect to have network connection yet
SCH_CRED_IGNORE_NO_REVOCATION_CHECK | // dwFlags: Ignore no-revocation-check errors (TODO: Test if this flag is required.)
SCH_CRED_IGNORE_REVOCATION_OFFLINE | // dwFlags: Ignore offline-revocation errors - we do not expect to have network connection yet
SCH_CRED_NO_DEFAULT_CREDS | // dwFlags: If client certificate we provided is not acceptable, do not try to select one on your own
(cfg_method->m_server_names.empty() ? SCH_CRED_NO_SERVERNAME_CHECK : 0) | // dwFlags: When no expected server name is given, do not do the server name check.
0x00400000 /*SCH_USE_STRONG_CRYPTO*/, // dwFlags: Do not use broken ciphers
0 // dwCredFormat
SCH_CRED_CACHE_ONLY_URL_RETRIEVAL_ON_CREATE | // dwFlags: Do not attempt online revocation check - we do not expect to have network connection yet
SCH_CRED_IGNORE_NO_REVOCATION_CHECK | // dwFlags: Ignore no-revocation-check errors (TODO: Test if this flag is required.)
SCH_CRED_IGNORE_REVOCATION_OFFLINE | // dwFlags: Ignore offline-revocation errors - we do not expect to have network connection yet
SCH_CRED_NO_DEFAULT_CREDS | // dwFlags: If client certificate we provided is not acceptable, do not try to select one on your own
(m_cfg.m_server_names.empty() ? SCH_CRED_NO_SERVERNAME_CHECK : 0) | // dwFlags: When no expected server name is given, do not do the server name check.
0x00400000 /*SCH_USE_STRONG_CRYPTO*/, // dwFlags: Do not use broken ciphers
0 // dwCredFormat
};
SECURITY_STATUS stat = m_sc_cred.acquire(NULL, UNISP_NAME, SECPKG_CRED_OUTBOUND, NULL, &cred);
if (FAILED(stat))
@@ -378,14 +357,14 @@ void eap::method_tls::process_request_packet(
// Preallocate data according to the Length field.
size_t size_tot = ntohl(*(unsigned int*)(pReceivedPacket->Data + 2));
m_packet_req.m_data.reserve(size_tot);
m_module.log_event(&EAPMETHOD_TLS_PACKET_RECV_FRAG_FIRST, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data((unsigned int)size_tot), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_RECV_FRAG_FIRST, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data((unsigned int)size_tot), event_data::blank);
} else {
// The Length field was not included. Odd. Nevermind, no pre-allocation then.
m_module.log_event(&EAPMETHOD_TLS_PACKET_RECV_FRAG_FIRST1, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_RECV_FRAG_FIRST1, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data::blank);
}
} else {
// Mid fragment received.
m_module.log_event(&EAPMETHOD_TLS_PACKET_RECV_FRAG_MID, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data((unsigned int)m_packet_req.m_data.size()), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_RECV_FRAG_MID, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data((unsigned int)m_packet_req.m_data.size()), event_data::blank);
}
m_packet_req.m_data.insert(m_packet_req.m_data.end(), packet_data_ptr, packet_data_ptr + packet_data_size);
@@ -400,11 +379,11 @@ void eap::method_tls::process_request_packet(
} else if (!m_packet_req.m_data.empty()) {
// Last fragment received. Append data.
m_packet_req.m_data.insert(m_packet_req.m_data.end(), packet_data_ptr, packet_data_ptr + packet_data_size);
m_module.log_event(&EAPMETHOD_TLS_PACKET_RECV_FRAG_LAST, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data((unsigned int)m_packet_req.m_data.size()), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_RECV_FRAG_LAST, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data((unsigned int)m_packet_req.m_data.size()), event_data::blank);
} else {
// This is a complete non-fragmented packet.
m_packet_req.m_data.assign(packet_data_ptr, packet_data_ptr + packet_data_size);
m_module.log_event(&EAPMETHOD_TLS_PACKET_RECV, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_RECV, event_data((unsigned int)eap_type_tls), event_data((unsigned int)packet_data_size), event_data::blank);
}
m_packet_req.m_code = (EapCode)pReceivedPacket->Code;
@@ -436,7 +415,7 @@ void eap::method_tls::process_request_packet(
#if EAP_TLS < EAP_TLS_SCHANNEL
if (pReceivedPacket->Code == EapCodeRequest && (m_packet_req.m_flags & flags_req_start)) {
// This is the EAP-TLS start message: (re)initialize method.
m_module.log_event(&EAPMETHOD_TLS_HANDSHAKE_START2, event_data((unsigned int)eap_type_tls), event_data::blank);
m_module.log_event(&EAPMETHOD_METHOD_HANDSHAKE_START2, event_data((unsigned int)eap_type_tls), event_data::blank);
m_phase = phase_client_hello;
} else {
// Process the packet.
@@ -565,14 +544,22 @@ void eap::method_tls::process_request_packet(
sanitizing_blob msg_finished(make_message(tls_message_type_handshake, make_finished()));
m_packet_res.m_data.insert(m_packet_res.m_data.end(), msg_finished.begin(), msg_finished.end());
m_phase = m_handshake[tls_handshake_type_finished] ? phase_application_data : phase_change_cipher_spec;
if (m_handshake[tls_handshake_type_finished]) {
// Go to application data phase. And allow piggybacking of the first data message.
m_phase = phase_application_data;
process_application_data(NULL, 0);
} else {
m_phase = phase_change_cipher_spec;
}
break;
}
case phase_change_cipher_spec:
// Wait in this phase until server sends change cipher spec and finish.
if (m_state_server.m_alg_encrypt && m_handshake[tls_handshake_type_finished])
if (m_state_server.m_alg_encrypt && m_handshake[tls_handshake_type_finished]) {
m_phase = phase_application_data;
process_application_data(NULL, 0);
}
break;
case phase_application_data:
@@ -582,7 +569,7 @@ void eap::method_tls::process_request_packet(
#else
if (pReceivedPacket->Code == EapCodeRequest && (m_packet_req.m_flags & flags_req_start)) {
// This is the EAP-TLS start message: (re)initialize method.
m_module.log_event(&EAPMETHOD_TLS_HANDSHAKE_START2, event_data((unsigned int)eap_type_tls), event_data::blank);
m_module.log_event(&EAPMETHOD_METHOD_HANDSHAKE_START2, event_data((unsigned int)eap_type_tls), event_data::blank);
m_phase = phase_handshake_init;
m_sc_queue.assign(m_packet_req.m_data.begin(), m_packet_req.m_data.end());
} else
@@ -628,7 +615,7 @@ void eap::method_tls::get_response_packet(
// No need to fragment the packet.
m_packet_res.m_flags &= ~flags_res_length_incl; // No need to explicitly include the Length field either.
data_dst = pSendPacket->Data + 2;
m_module.log_event(&EAPMETHOD_TLS_PACKET_SEND, event_data((unsigned int)eap_type_tls), event_data((unsigned int)size_data), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_SEND, event_data((unsigned int)eap_type_tls), event_data((unsigned int)size_data), event_data::blank);
} else {
// But it should be fragmented.
m_packet_res.m_flags |= flags_res_length_incl | flags_res_more_frag;
@@ -636,7 +623,7 @@ void eap::method_tls::get_response_packet(
data_dst = pSendPacket->Data + 6;
size_data = size_packet_limit - 10;
size_packet = size_packet_limit;
m_module.log_event(&EAPMETHOD_TLS_PACKET_SEND_FRAG_FIRST, event_data((unsigned int)eap_type_tls), event_data((unsigned int)size_data), event_data((unsigned int)(m_packet_res.m_data.size() - size_data)), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_SEND_FRAG_FIRST, event_data((unsigned int)eap_type_tls), event_data((unsigned int)size_data), event_data((unsigned int)(m_packet_res.m_data.size() - size_data)), event_data::blank);
}
} else {
// Continuing the fragmented packet...
@@ -645,11 +632,11 @@ void eap::method_tls::get_response_packet(
m_packet_res.m_flags &= ~flags_res_length_incl;
size_data = size_packet_limit - 6;
size_packet = size_packet_limit;
m_module.log_event(&EAPMETHOD_TLS_PACKET_SEND_FRAG_MID, event_data((unsigned int)eap_type_tls), event_data((unsigned int)size_data), event_data((unsigned int)(m_packet_res.m_data.size() - size_data)), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_SEND_FRAG_MID, event_data((unsigned int)eap_type_tls), event_data((unsigned int)size_data), event_data((unsigned int)(m_packet_res.m_data.size() - size_data)), event_data::blank);
} else {
// This is the last fragment.
m_packet_res.m_flags &= ~(flags_res_length_incl | flags_res_more_frag);
m_module.log_event(&EAPMETHOD_TLS_PACKET_SEND_FRAG_LAST, event_data((unsigned int)eap_type_tls), event_data((unsigned int)size_data), event_data((unsigned int)(m_packet_res.m_data.size() - size_data)), event_data::blank);
m_module.log_event(&EAPMETHOD_PACKET_SEND_FRAG_LAST, event_data((unsigned int)eap_type_tls), event_data((unsigned int)size_data), event_data((unsigned int)(m_packet_res.m_data.size() - size_data)), event_data::blank);
}
data_dst = pSendPacket->Data + 2;
}
@@ -671,13 +658,9 @@ void eap::method_tls::get_result(
{
assert(ppResult);
config_provider &cfg_prov(m_cfg.m_providers.front());
config_method_tls *cfg_method = dynamic_cast<config_method_tls*>(cfg_prov.m_methods.front().get());
assert(cfg_method);
switch (reason) {
case EapPeerMethodResultSuccess: {
m_module.log_event(&EAPMETHOD_TLS_SUCCESS, event_data((unsigned int)eap_type_tls), event_data::blank);
m_module.log_event(&EAPMETHOD_METHOD_SUCCESS, event_data((unsigned int)eap_type_tls), event_data::blank);
#if EAP_TLS < EAP_TLS_SCHANNEL
// Derive MSK/EMSK for line encryption.
@@ -685,8 +668,7 @@ void eap::method_tls::get_result(
// Fill array with RADIUS attributes.
eap_attr a;
m_eap_attr.clear();
m_eap_attr.reserve(3);
m_eap_attr.reserve(m_eap_attr.size() + 3);
a.create_ms_mppe_key(16, (LPCBYTE)&m_key_mppe_client, sizeof(tls_random));
m_eap_attr.push_back(std::move(a));
a.create_ms_mppe_key(17, (LPCBYTE)&m_key_mppe_server, sizeof(tls_random));
@@ -702,8 +684,7 @@ void eap::method_tls::get_result(
// Fill array with RADIUS attributes.
eap_attr a;
m_eap_attr.clear();
m_eap_attr.reserve(3);
m_eap_attr.reserve(m_eap_attr.size() + 3);
a.create_ms_mppe_key(16, _key_block, sizeof(tls_random));
m_eap_attr.push_back(std::move(a));
_key_block += sizeof(tls_random);
@@ -713,40 +694,45 @@ void eap::method_tls::get_result(
m_eap_attr.push_back(eap_attr::blank);
#endif
m_eap_attr_desc.dwNumberOfAttributes = (DWORD)m_eap_attr.size();
m_eap_attr_desc.pAttribs = m_eap_attr.data();
ppResult->pAttribArray = &m_eap_attr_desc;
// Clear credentials as failed.
cfg_method->m_auth_failed = false;
m_cfg.m_auth_failed = false;
ppResult->fIsSuccess = TRUE;
ppResult->dwFailureReasonCode = ERROR_SUCCESS;
#if EAP_TLS < EAP_TLS_SCHANNEL
// Update configuration with session resumption data and prepare BLOB.
cfg_method->m_session_id = m_session_id;
cfg_method->m_master_secret = m_master_secret;
m_cfg.m_session_id = m_session_id;
m_cfg.m_master_secret = m_master_secret;
#endif
break;
}
case EapPeerMethodResultFailure:
m_module.log_event(
m_phase_prev < phase_handshake_cont ? &EAPMETHOD_TLS_FAILURE_INIT :
m_phase_prev < phase_application_data ? &EAPMETHOD_TLS_FAILURE_HANDSHAKE : &EAPMETHOD_TLS_FAILURE,
event_data((unsigned int)eap_type_tls), event_data::blank);
#if EAP_TLS < EAP_TLS_SCHANNEL
// Clear session resumption data.
cfg_method->m_session_id.clear();
cfg_method->m_master_secret.clear();
#endif
m_module.log_event(
m_phase < phase_change_cipher_spec ? &EAPMETHOD_METHOD_FAILURE_INIT :
m_phase < phase_application_data ? &EAPMETHOD_METHOD_FAILURE_HANDSHAKE : &EAPMETHOD_METHOD_FAILURE,
event_data((unsigned int)eap_type_tls), event_data::blank);
// Mark credentials as failed, so GUI can re-prompt user.
// But be careful: do so only if this happened after transition from handshake to application data phase.
cfg_method->m_auth_failed = m_phase_prev < phase_application_data && m_phase >= phase_application_data;
m_cfg.m_auth_failed = m_phase >= phase_application_data;
// Clear session resumption data.
m_cfg.m_session_id.clear();
m_cfg.m_master_secret.clear();
#else
m_module.log_event(
m_phase_prev < phase_handshake_cont ? &EAPMETHOD_METHOD_FAILURE_INIT :
m_phase_prev < phase_application_data ? &EAPMETHOD_METHOD_FAILURE_HANDSHAKE : &EAPMETHOD_METHOD_FAILURE,
event_data((unsigned int)eap_type_tls), event_data::blank);
// Mark credentials as failed, so GUI can re-prompt user.
// But be careful: do so only if this happened after transition from handshake to application data phase.
m_cfg.m_auth_failed = m_phase_prev < phase_application_data && m_phase >= phase_application_data;
#endif
// Do not report failure to EapHost, as it will not save updated configuration then. But we need it to save it, to alert user on next connection attempt.
// EapHost is well aware of the failed condition.
@@ -761,18 +747,6 @@ void eap::method_tls::get_result(
// Always ask EAP host to save the connection data.
ppResult->fSaveConnectionData = TRUE;
m_module.pack(m_cfg, &ppResult->pConnectionData, &ppResult->dwSizeofConnectionData);
if (m_blob_cfg)
m_module.free_memory(m_blob_cfg);
m_blob_cfg = ppResult->pConnectionData;
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
ppResult->fSaveUserData = TRUE;
m_module.pack(m_cred, &ppResult->pUserData, &ppResult->dwSizeofUserData);
if (m_blob_cred)
m_module.free_memory(m_blob_cred);
m_blob_cred = ppResult->pUserData;
#endif
}
@@ -1483,38 +1457,34 @@ void eap::method_tls::verify_server_trust() const
throw sec_runtime_error(status, __FUNCTION__ " Error retrieving server certificate from Schannel.");
#endif
const config_provider &cfg_prov(m_cfg.m_providers.front());
const config_method_tls *cfg_method = dynamic_cast<const config_method_tls*>(cfg_prov.m_methods.front().get());
assert(cfg_method);
// Check server name.
if (!cfg_method->m_server_names.empty()) {
if (!m_cfg.m_server_names.empty()) {
bool
has_san = false,
found = false;
// Search subjectAltName2 and subjectAltName.
for (DWORD i = 0; !found && i < cert->pCertInfo->cExtension; i++) {
for (DWORD idx_ext = 0; !found && idx_ext < cert->pCertInfo->cExtension; idx_ext++) {
unique_ptr<CERT_ALT_NAME_INFO, LocalFree_delete<CERT_ALT_NAME_INFO> > san_info;
if (strcmp(cert->pCertInfo->rgExtension[i].pszObjId, szOID_SUBJECT_ALT_NAME2) == 0) {
if (strcmp(cert->pCertInfo->rgExtension[idx_ext].pszObjId, szOID_SUBJECT_ALT_NAME2) == 0) {
unsigned char *output = NULL;
DWORD size_output;
if (!CryptDecodeObjectEx(
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
szOID_SUBJECT_ALT_NAME2,
cert->pCertInfo->rgExtension[i].Value.pbData, cert->pCertInfo->rgExtension[i].Value.cbData,
cert->pCertInfo->rgExtension[idx_ext].Value.pbData, cert->pCertInfo->rgExtension[idx_ext].Value.cbData,
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_ENABLE_PUNYCODE_FLAG,
NULL,
&output, &size_output))
throw win_runtime_error(__FUNCTION__ " Error decoding subjectAltName2 certificate extension.");
san_info.reset((CERT_ALT_NAME_INFO*)output);
} else if (strcmp(cert->pCertInfo->rgExtension[i].pszObjId, szOID_SUBJECT_ALT_NAME) == 0) {
} else if (strcmp(cert->pCertInfo->rgExtension[idx_ext].pszObjId, szOID_SUBJECT_ALT_NAME) == 0) {
unsigned char *output = NULL;
DWORD size_output;
if (!CryptDecodeObjectEx(
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
szOID_SUBJECT_ALT_NAME,
cert->pCertInfo->rgExtension[i].Value.pbData, cert->pCertInfo->rgExtension[i].Value.cbData,
cert->pCertInfo->rgExtension[idx_ext].Value.pbData, cert->pCertInfo->rgExtension[idx_ext].Value.cbData,
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_ENABLE_PUNYCODE_FLAG,
NULL,
&output, &size_output))
@@ -1526,12 +1496,12 @@ void eap::method_tls::verify_server_trust() const
}
has_san = true;
for (list<wstring>::const_iterator s = cfg_method->m_server_names.cbegin(), s_end = cfg_method->m_server_names.cend(); !found && s != s_end; ++s) {
for (DWORD i = 0; !found && i < san_info->cAltEntry; i++) {
if (san_info->rgAltEntry[i].dwAltNameChoice == CERT_ALT_NAME_DNS_NAME &&
_wcsicmp(s->c_str(), san_info->rgAltEntry[i].pwszDNSName) == 0)
for (list<wstring>::const_iterator s = m_cfg.m_server_names.cbegin(), s_end = m_cfg.m_server_names.cend(); !found && s != s_end; ++s) {
for (DWORD idx_entry = 0; !found && idx_entry < san_info->cAltEntry; idx_entry++) {
if (san_info->rgAltEntry[idx_entry].dwAltNameChoice == CERT_ALT_NAME_DNS_NAME &&
_wcsicmp(s->c_str(), san_info->rgAltEntry[idx_entry].pwszDNSName) == 0)
{
m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED1, event_data(san_info->rgAltEntry[i].pwszDNSName), event_data::blank);
m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED1, event_data(san_info->rgAltEntry[idx_entry].pwszDNSName), event_data::blank);
found = true;
}
}
@@ -1544,7 +1514,7 @@ void eap::method_tls::verify_server_trust() const
if (!CertGetNameStringW(cert, CERT_NAME_DNS_TYPE, CERT_NAME_STR_ENABLE_PUNYCODE_FLAG, NULL, subj))
throw win_runtime_error(__FUNCTION__ " Error retrieving server's certificate subject name.");
for (list<wstring>::const_iterator s = cfg_method->m_server_names.cbegin(), s_end = cfg_method->m_server_names.cend(); !found && s != s_end; ++s) {
for (list<wstring>::const_iterator s = m_cfg.m_server_names.cbegin(), s_end = m_cfg.m_server_names.cend(); !found && s != s_end; ++s) {
if (_wcsicmp(s->c_str(), subj.c_str()) == 0) {
m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED1, event_data(subj), event_data::blank);
found = true;
@@ -1564,7 +1534,7 @@ void eap::method_tls::verify_server_trust() const
cert_store store;
if (!store.create(CERT_STORE_PROV_MEMORY, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, 0, NULL))
throw win_runtime_error(__FUNCTION__ " Error creating temporary certificate store.");
for (list<cert_context>::const_iterator c = cfg_method->m_trusted_root_ca.cbegin(), c_end = cfg_method->m_trusted_root_ca.cend(); c != c_end; ++c)
for (list<cert_context>::const_iterator c = m_cfg.m_trusted_root_ca.cbegin(), c_end = m_cfg.m_trusted_root_ca.cend(); c != c_end; ++c)
CertAddCertificateContextToStore(store, *c, CERT_STORE_ADD_REPLACE_EXISTING, NULL);
// Add all intermediate certificates from the server's certificate chain.
@@ -1636,7 +1606,7 @@ void eap::method_tls::verify_server_trust() const
throw sec_runtime_error(SEC_E_CERT_UNKNOWN, __FUNCTION__ " Can not verify empty certificate chain.");
PCCERT_CONTEXT cert_root = context->rgpChain[0]->rgpElement[context->rgpChain[0]->cElement-1]->pCertContext;
for (list<cert_context>::const_iterator c = cfg_method->m_trusted_root_ca.cbegin(), c_end = cfg_method->m_trusted_root_ca.cend();; ++c) {
for (list<cert_context>::const_iterator c = m_cfg.m_trusted_root_ca.cbegin(), c_end = m_cfg.m_trusted_root_ca.cend();; ++c) {
if (c != c_end) {
if (cert_root->cbCertEncoded == (*c)->cbCertEncoded &&
memcmp(cert_root->pbCertEncoded, (*c)->pbCertEncoded, cert_root->cbCertEncoded) == 0)

2
lib/TLS_UI/include/TLS_UI.h
View File

@@ -248,7 +248,7 @@ protected:
};
class wxTLSCredentialsPanel : public wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase>
class wxTLSCredentialsPanel : public wxEAPCredentialsPanel<eap::credentials_tls, wxTLSCredentialsPanelBase>
{
public:
///

10
lib/TLS_UI/res/wxTLS_UI.cpp
View File

@@ -26,7 +26,7 @@ wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow
sb_server_trust_vert = new wxBoxSizer( wxVERTICAL );
m_server_trust_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Describe the servers you trust to prevent credential interception in case of man-in-the-middle attacks."), wxDefaultPosition, wxDefaultSize, 0 );
m_server_trust_label->Wrap( 446 );
m_server_trust_label->Wrap( 445 );
sb_server_trust_vert->Add( m_server_trust_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_root_ca;
@@ -129,7 +129,7 @@ wxTLSCredentialsPanelBase::wxTLSCredentialsPanelBase( wxWindow* parent, wxWindow
sb_credentials_vert = new wxBoxSizer( wxVERTICAL );
m_credentials_label = new wxStaticText( sb_credentials->GetStaticBox(), wxID_ANY, _("Please select your client certificate to use for authentication."), wxDefaultPosition, wxDefaultSize, 0 );
m_credentials_label->Wrap( 446 );
m_credentials_label->Wrap( 445 );
sb_credentials_vert->Add( m_credentials_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_cert_radio;
@@ -194,8 +194,14 @@ wxTLSCredentialsPanelBase::wxTLSCredentialsPanelBase( wxWindow* parent, wxWindow
this->SetSizer( sb_credentials );
this->Layout();
// Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxTLSCredentialsPanelBase::OnUpdateUI ) );
}
wxTLSCredentialsPanelBase::~wxTLSCredentialsPanelBase()
{
// Disconnect Events
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxTLSCredentialsPanelBase::OnUpdateUI ) );
}

6
lib/TLS_UI/res/wxTLS_UI.fbp
View File

@@ -242,7 +242,7 @@
<property name="window_extra_style"></property>
<property name="window_name"></property>
<property name="window_style"></property>
<property name="wrap">446</property>
<property name="wrap">445</property>
<event name="OnChar"></event>
<event name="OnEnterWindow"></event>
<event name="OnEraseBackground"></event>
@@ -1050,7 +1050,7 @@
<event name="OnRightUp"></event>
<event name="OnSetFocus"></event>
<event name="OnSize"></event>
<event name="OnUpdateUI"></event>
<event name="OnUpdateUI">OnUpdateUI</event>
<object class="wxStaticBoxSizer" expanded="1">
<property name="id">wxID_ANY</property>
<property name="label">TLS Client Certificate</property>
@@ -1215,7 +1215,7 @@
<property name="window_extra_style"></property>
<property name="window_name"></property>
<property name="window_style"></property>
<property name="wrap">446</property>
<property name="wrap">445</property>
<event name="OnChar"></event>
<event name="OnEnterWindow"></event>
<event name="OnEraseBackground"></event>

4
lib/TLS_UI/res/wxTLS_UI.h
View File

@@ -84,6 +84,10 @@ class wxTLSCredentialsPanelBase : public wxPanel
wxTextCtrl* m_identity;
wxStaticText* m_identity_note;
wxCheckBox* m_remember;
// Virtual event handlers, overide them in your derived class
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
public:

2
lib/TLS_UI/src/StdAfx.h
View File

@@ -25,3 +25,5 @@
#include "../../../include/Version.h"
#include "../include/TLS_UI.h"
#include <WindowsX.h>

31
lib/TLS_UI/src/TLS_UI.cpp
View File

@@ -312,7 +312,7 @@ bool wxFQDNListValidator::Parse(const wxString &val_in, size_t i_start, size_t i
//////////////////////////////////////////////////////////////////////
wxTLSCredentialsPanel::wxTLSCredentialsPanel(const eap::config_provider &prov, const eap::config_method_with_cred &cfg, eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config) :
wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase>(prov, cfg, cred, pszCredTarget, parent, is_config)
wxEAPCredentialsPanel<eap::credentials_tls, wxTLSCredentialsPanelBase>(prov, cfg, cred, pszCredTarget, parent, is_config)
{
// Load and set icon.
winstd::library lib_shell32;
@@ -361,7 +361,7 @@ bool wxTLSCredentialsPanel::TransferDataToWindow()
m_identity->SetValue(m_cred.m_identity);
return wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase>::TransferDataToWindow();
return wxEAPCredentialsPanel<eap::credentials_tls, wxTLSCredentialsPanelBase>::TransferDataToWindow();
}
@@ -381,11 +381,11 @@ bool wxTLSCredentialsPanel::TransferDataFromWindow()
// Inherited TransferDataFromWindow() calls m_cred.store().
// Therefore, call it only now, that m_cred is set.
return wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase>::TransferDataFromWindow();
return wxEAPCredentialsPanel<eap::credentials_tls, wxTLSCredentialsPanelBase>::TransferDataFromWindow();
}
void wxTLSCredentialsPanel::OnUpdateUI(wxUpdateUIEvent& event)
void wxTLSCredentialsPanel::OnUpdateUI(wxUpdateUIEvent& /*event*/)
{
if (!m_is_config && m_cfg.m_use_preshared) {
// Credential prompt mode & Using pre-shared credentials
@@ -404,8 +404,6 @@ void wxTLSCredentialsPanel::OnUpdateUI(wxUpdateUIEvent& event)
m_cert_select_val->Enable(m_cert_select->GetValue());
m_identity->Enable(true);
}
wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase>::OnUpdateUI(event);
}
@@ -465,10 +463,8 @@ bool wxTLSServerTrustPanel::TransferDataFromWindow()
}
void wxTLSServerTrustPanel::OnUpdateUI(wxUpdateUIEvent& event)
void wxTLSServerTrustPanel::OnUpdateUI(wxUpdateUIEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_root_ca_add_store->Enable(false);
@@ -479,9 +475,12 @@ void wxTLSServerTrustPanel::OnUpdateUI(wxUpdateUIEvent& event)
// This is not a provider-locked configuration. Selectively enable/disable controls.
m_root_ca_add_store->Enable(true);
m_root_ca_add_file ->Enable(true);
wxArrayInt selections;
m_root_ca_remove->Enable(m_root_ca->GetSelections(selections) ? true : false);
m_root_ca_remove ->Enable(ListBox_GetSelCount(m_root_ca->GetHWND()) ? true : false); // *
m_server_names ->Enable(true);
// * ListBox_GetSelCount() is not cross-platform, but this is Windows EAP Supplicant,
// and this is the fastest way to find out if there is a selection in the list box,
// observing wxWidgets 3.0.2 has nothing faster to offer.
}
}
@@ -494,10 +493,8 @@ void wxTLSServerTrustPanel::OnRootCADClick(wxCommandEvent& event)
}
void wxTLSServerTrustPanel::OnRootCAAddStore(wxCommandEvent& event)
void wxTLSServerTrustPanel::OnRootCAAddStore(wxCommandEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
winstd::cert_store store;
if (store.create(NULL, _T("ROOT"))) {
winstd::cert_context cert;
@@ -510,8 +507,6 @@ void wxTLSServerTrustPanel::OnRootCAAddStore(wxCommandEvent& event)
void wxTLSServerTrustPanel::OnRootCAAddFile(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
const wxString separator(wxT("|"));
wxFileDialog open_dialog(this, _("Add Certificate"), wxEmptyString, wxEmptyString,
_("Certificate Files (*.cer;*.crt;*.der;*.p7b;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.p7b;*.pem") + separator +
@@ -538,10 +533,8 @@ void wxTLSServerTrustPanel::OnRootCAAddFile(wxCommandEvent& event)
}
void wxTLSServerTrustPanel::OnRootCARemove(wxCommandEvent& event)
void wxTLSServerTrustPanel::OnRootCARemove(wxCommandEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
wxArrayInt selections;
for (int i = m_root_ca->GetSelections(selections); i--; )
m_root_ca->Delete(selections[i]);

25
lib/TTLS/include/Config.h
View File

@@ -33,7 +33,6 @@ namespace eap
#include "Credentials.h"
#include "../../TLS/include/Config.h"
#include "../../PAP/include/Config.h"
#include <Windows.h>
#include <assert.h>
@@ -142,6 +141,30 @@ namespace eap {
///
virtual winstd::eap_type_t get_method_id() const;
///
/// Returns a string \c L"EAP-TTLS"
///
virtual const wchar_t* get_method_str() const;
///
/// Creates a blank set of credentials suitable for this method
///
virtual credentials* make_credentials() const;
///
/// Makes a new inner method config
///
/// \param[in] eap_type EAP type
///
config_method_with_cred* make_config_method(_In_ winstd::eap_type_t eap_type) const;
///
/// Makes a new inner method config
///
/// \param[in] eap_type EAP type
///
config_method_with_cred* make_config_method(_In_ const wchar_t *eap_type) const;
///
/// Generates public identity using current configuration and given credentials
///

24
lib/TTLS/include/Credentials.h
View File

@@ -29,10 +29,8 @@ namespace eap
#pragma once
#include "../../TLS/include/Credentials.h"
#include "../../PAP/include/Credentials.h"
#include <memory>
#include <utility>
namespace eap
@@ -161,11 +159,6 @@ namespace eap
///
virtual void retrieve(_In_z_ LPCTSTR pszTargetName);
///
/// Return target suffix for Windows Credential Manager credential name
///
virtual LPCTSTR target_suffix() const;
///
/// Returns credential identity.
///
@@ -180,18 +173,19 @@ namespace eap
/// 2. Pre-configured credentials
/// 3. Stored credentials
///
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL)
/// \param[in] cfg Method configuration
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL, must be credentials_ttls* type)
/// \param[in] cfg Method configuration (must be config_method_ttls type)
/// \param[in] pszTargetName The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
///
/// \returns
/// - \c true if credentials were set;
/// - \c false otherwise
/// - \c source_cache Credentials were obtained from EapHost cache
/// - \c source_preshared Credentials were set by method configuration
/// - \c source_storage Credentials were loaded from Windows Credential Manager
///
std::pair<source_t, source_t> combine(
_In_ const credentials_ttls *cred_cached,
_In_ const config_method_ttls &cfg,
_In_opt_z_ LPCTSTR pszTargetName);
virtual source_t combine(
_In_ const credentials *cred_cached,
_In_ const config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName);
public:
std::unique_ptr<credentials> m_inner; ///< Inner credentials

44
lib/TTLS/include/Method.h
View File

@@ -58,10 +58,10 @@ namespace eap
/// Constructs an EAP method
///
/// \param[in] mod EAP module to use for global services
/// \param[in] cfg Connection configuration
/// \param[in] cfg Method configuration
/// \param[in] cred User credentials
///
method_ttls(_In_ module &module, _In_ config_connection &cfg, _In_ credentials_ttls &cred);
method_ttls(_In_ module &module, _In_ config_method_ttls &cfg, _In_ credentials_ttls &cred);
///
/// Moves an EAP method
@@ -82,6 +82,24 @@ namespace eap
/// \name Packet processing
/// @{
///
/// Starts an EAP authentication session on the peer EapHost using the EAP method.
///
/// \sa [EapPeerBeginSession function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363600.aspx)
///
virtual void begin_session(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
_In_ DWORD dwMaxSendPacketSize);
///
/// Ends an EAP authentication session for the EAP method.
///
/// \sa [EapPeerEndSession function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363604.aspx)
///
virtual void end_session();
///
/// Processes a packet received by EapHost from a supplicant.
///
@@ -122,7 +140,7 @@ namespace eap
///
virtual void derive_msk();
#else
#endif
///
/// Processes an application message
@@ -132,23 +150,17 @@ namespace eap
///
virtual void process_application_data(_In_bytecount_(size_msg) const void *msg, _In_ size_t size_msg);
#endif
///
/// Makes a PAP client message
///
/// \sa [Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0) (Chapter 11.2.5. PAP)](https://tools.ietf.org/html/rfc5281#section-11.2.5)
///
/// \returns PAP client message
///
sanitizing_blob make_pap_client() const;
public:
credentials_ttls &m_cred; ///< TTLS credentials
protected:
config_method_ttls &m_cfg; ///< EAP-TTLS method configuration
credentials_ttls &m_cred; ///< EAP-TTLS credentials
#pragma warning(suppress: 4480)
enum version_t :unsigned char {
version_0 = 0, ///< EAP-TTLS v0
} m_version; ///< EAP-TTLS version
std::unique_ptr<method> m_inner; ///< Inner authentication method
unsigned char m_inner_packet_id; ///< Inner packet ID
DWORD m_size_inner_packet_max; ///< Maximum size of inner response packet
};
}

33
lib/TTLS/include/Module.h
View File

@@ -211,19 +211,36 @@ namespace eap
/// @}
protected:
///
/// Checks all configured providers and tries to combine credentials.
///
const config_method_ttls* combine_credentials(
_In_ DWORD dwFlags,
_In_ const config_connection &cfg,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ DWORD dwUserDataSize,
_Out_ credentials_connection& cred_out,
_In_ HANDLE hTokenImpersonateUser);
protected:
class session {
public:
inline session(_In_ module &mod) :
m_cfg(mod),
m_cred(mod),
m_method(mod, m_cfg, m_cred)
{}
session(_In_ module &mod);
virtual ~session();
public:
config_connection m_cfg; ///< Connection configuration
credentials_ttls m_cred; ///< User credentials
method_ttls m_method; ///< EAP-TTLS method
module &m_module; ///< Module
config_connection m_cfg; ///< Connection configuration
credentials_connection m_cred; ///< Connection credentials
std::unique_ptr<method_ttls> m_method; ///< EAP-TTLS method
// The following members are required to avoid memory leakage in get_result()
EAP_ATTRIBUTES m_eap_attr_desc; ///< EAP attributes descriptor
BYTE *m_blob_cfg; ///< Configuration BLOB
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
BYTE *m_blob_cred; ///< Credentials BLOB
#endif
};
};
}

195
lib/TTLS/src/Config.cpp
View File

@@ -29,8 +29,11 @@ using namespace winstd;
//////////////////////////////////////////////////////////////////////
eap::config_method_ttls::config_method_ttls(_In_ module &mod) :
m_inner(new config_method_pap(mod)),
config_method_tls(mod)
{
// TTLS is using blank pre-shared credentials per default.
m_use_preshared = true;
}
@@ -87,33 +90,69 @@ void eap::config_method_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode
config_method_tls::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
// <ClientSideCredential>
com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)))
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), bstr(L"ClientSideCredential"), namespace_eapmetadata, &pXmlElClientSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ClientSideCredential> element.");
// <ClientSideCredential>/<AnonymousIdentity>
if (!m_anonymous_identity.empty())
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, bstr(L"AnonymousIdentity"), bstrNamespace, bstr(m_anonymous_identity))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, bstr(L"AnonymousIdentity"), namespace_eapmetadata, bstr(m_anonymous_identity))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <AnonymousIdentity> element.");
// <InnerAuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)))
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), namespace_eapmetadata, &pXmlElInnerAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <InnerAuthenticationMethod> element.");
if (dynamic_cast<const config_method_pap*>(m_inner.get())) {
eap_type_t eap_type = m_inner->get_method_id();
if (eap_type_noneap_start <= eap_type && eap_type < eap_type_noneap_end) {
// <InnerAuthenticationMethod>/<NonEAPAuthMethod>
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"NonEAPAuthMethod"), bstrNamespace, bstr(L"PAP"))))
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"NonEAPAuthMethod"), namespace_eapmetadata, bstr(m_inner->get_method_str()))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <NonEAPAuthMethod> element.");
} else {
// <InnerAuthenticationMethod>/<EAPMethod>
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"EAPMethod"), namespace_eapmetadata, (DWORD)m_inner->get_method_id())))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <EAPMethod> element.");
}
// <InnerAuthenticationMethod>/...
m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
} else
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Unsupported inner authentication method.");
// <InnerAuthenticationMethod>/...
m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
{
com_obj<IXMLDOMNode> pXmlElClientSideCredential;
if (SUCCEEDED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), &pXmlElClientSideCredential))) {
// Fix 1: Pre-shared outer credentials in draft-winter-opsawg-eap-metadata has some bizarre presence/absence/blank logic for EAP-TTLS methods only.
// To keep our code clean, we do some post-processing, to make draft compliant XML on output, while keeping things simple on the inside.
if (m_use_preshared && m_preshared->empty()) {
// For empty pre-shared client certificate <ClientCertificate/> must not be present.
com_obj<IXMLDOMNode> pXmlElClientCertificate;
if (SUCCEEDED(hr = eapxml::select_node(pXmlElClientSideCredential, bstr(L"eap-metadata:ClientCertificate"), &pXmlElClientCertificate))) {
com_obj<IXMLDOMNode> pXmlElClientCertificateOld;
hr = pXmlElClientSideCredential->removeChild(pXmlElClientCertificate, &pXmlElClientCertificateOld);
}
} else if (!m_use_preshared) {
// When not using pre-shared (user must supply one), add empty <ClientCertificate/>.
com_obj<IXMLDOMElement> pXmlElClientCertificate;
hr = eapxml::create_element(pDoc, pXmlElClientSideCredential, bstr(L"eap-metadata:ClientCertificate"), bstr(L"ClientCertificate"), namespace_eapmetadata, &pXmlElClientCertificate);
}
// Fix 2: draft-winter-opsawg-eap-metadata is using <OuterIdentity> name for <UserName> when referring to outer identity of EAP-TTLS.
// GÉANTLink is using <UserName> for identities and usernames uniformly. Create <OuterIdentity> and remove <UserName>.
com_obj<IXMLDOMElement> pXmlElUserName;
if (SUCCEEDED(hr = eapxml::select_element(pXmlElClientSideCredential, bstr(L"eap-metadata:UserName"), &pXmlElUserName))) {
bstr identity;
if (SUCCEEDED(hr = pXmlElUserName->get_text(&identity))) {
if (SUCCEEDED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, bstr(L"OuterIdentity"), namespace_eapmetadata, identity))) {
com_obj<IXMLDOMNode> pXmlElClientCertificateOld;
hr = pXmlElClientSideCredential->removeChild(pXmlElUserName, &pXmlElClientCertificateOld);
}
}
}
}
}
}
@@ -122,6 +161,43 @@ void eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
assert(pConfigRoot);
HRESULT hr;
{
com_obj<IXMLDOMNode> pXmlElClientSideCredential;
if (SUCCEEDED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:ClientSideCredential"), &pXmlElClientSideCredential))) {
com_obj<IXMLDOMDocument> pDoc;
if (SUCCEEDED(hr = pXmlElClientSideCredential->get_ownerDocument(&pDoc))) {
// Fix 1: Pre-shared outer credentials in draft-winter-opsawg-eap-metadata has some bizarre presence/absence/blank logic for EAP-TTLS methods only.
// To keep our code clean, we do some pre-processing, to accept draft compliant XML on input, while keeping things simple on the inside.
com_obj<IXMLDOMNode> pXmlElClientCertificate;
if (SUCCEEDED(hr = eapxml::select_node(pXmlElClientSideCredential, bstr(L"eap-metadata:ClientCertificate"), &pXmlElClientCertificate))) {
VARIANT_BOOL has_children;
if (SUCCEEDED(hr = pXmlElClientCertificate->hasChildNodes(&has_children)) && !has_children) {
// Empty <ClientCertificate/> means: do not use pre-shared credentials.
com_obj<IXMLDOMNode> pXmlElClientCertificateOld;
hr = pXmlElClientSideCredential->removeChild(pXmlElClientCertificate, &pXmlElClientCertificateOld);
}
} else {
// Nonexisting <ClientSideCredential> means: use blank pre-shared credentials.
com_obj<IXMLDOMElement> pXmlElClientCertificate;
hr = eapxml::create_element(pDoc, pXmlElClientSideCredential, bstr(L"eap-metadata:ClientCertificate"), bstr(L"ClientCertificate"), namespace_eapmetadata, &pXmlElClientCertificate);
}
// Fix 2: draft-winter-opsawg-eap-metadata is using <OuterIdentity> name for <UserName> when referring to outer identity of EAP-TTLS.
// GÉANTLink is using <UserName> for identities and usernames uniformly. Create <UserName> and remove <OuterIdentity>.
com_obj<IXMLDOMElement> pXmlElOuterIdentity;
if (SUCCEEDED(hr = eapxml::select_element(pXmlElClientSideCredential, bstr(L"eap-metadata:OuterIdentity"), &pXmlElOuterIdentity))) {
bstr identity;
if (SUCCEEDED(hr = pXmlElOuterIdentity->get_text(&identity))) {
if (SUCCEEDED(hr = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, bstr(L"UserName"), namespace_eapmetadata, identity))) {
com_obj<IXMLDOMNode> pXmlElClientCertificateOld;
hr = pXmlElClientSideCredential->removeChild(pXmlElOuterIdentity, &pXmlElClientCertificateOld);
}
}
}
}
}
}
config_method_tls::load(pConfigRoot);
std::wstring xpath(eapxml::get_xpath(pConfigRoot));
@@ -144,63 +220,38 @@ void eap::config_method_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <InnerAuthenticationMethod> element.");
// Determine inner authentication type (<EAPMethod> and <NonEAPAuthMethod>).
//DWORD dwMethodID;
DWORD dwMethod;
bstr bstrMethod;
/*if (SUCCEEDED(eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:EAPMethod"), &dwMethodID)) &&
dwMethodID == EAP_TYPE_MSCHAPV2)
if (SUCCEEDED(eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:EAPMethod"), &dwMethod)) &&
eap_type_start <= dwMethod && dwMethod < eap_type_end)
{
// MSCHAPv2
// TODO: Add MSCHAPv2 support.
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " MSCHAPv2 not supported yet.");
} else*/ if (SUCCEEDED(eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:NonEAPAuthMethod"), &bstrMethod)) &&
CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrMethod, bstrMethod.length(), L"PAP", -1, NULL, NULL, 0) == CSTR_EQUAL)
{
// PAP
m_module.log_config((xpath + L"/NonEAPAuthMethod").c_str(), L"PAP");
m_inner.reset(new config_method_pap(m_module));
m_inner->load(pXmlElInnerAuthenticationMethod);
m_inner.reset(make_config_method((eap_type_t)dwMethod));
m_module.log_config((xpath + L"/EAPMethod").c_str(), m_inner->get_method_str());
} else if (SUCCEEDED(eapxml::get_element_value(pXmlElInnerAuthenticationMethod, bstr(L"eap-metadata:NonEAPAuthMethod"), &bstrMethod))) {
m_inner.reset(make_config_method(bstrMethod));
m_module.log_config((xpath + L"/NonEAPAuthMethod").c_str(), m_inner->get_method_str());
} else
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Unsupported inner authentication method.");
m_inner->load(pXmlElInnerAuthenticationMethod);
}
void eap::config_method_ttls::operator<<(_Inout_ cursor_out &cursor) const
{
config_method_tls::operator<<(cursor);
if (m_inner) {
if (dynamic_cast<config_method_pap*>(m_inner.get())) {
cursor << eap_type_pap;
cursor << *m_inner;
} else {
assert(0); // Unsupported inner authentication method type.
cursor << eap_type_undefined;
}
} else
cursor << eap_type_undefined;
cursor << m_inner->get_method_id();
cursor << *m_inner;
cursor << m_anonymous_identity;
}
size_t eap::config_method_ttls::get_pk_size() const
{
size_t size_inner;
if (m_inner) {
if (dynamic_cast<config_method_pap*>(m_inner.get())) {
size_inner =
pksizeof(eap_type_pap) +
pksizeof(*m_inner);
} else {
assert(0); // Unsupported inner authentication method type.
size_inner = pksizeof(eap_type_undefined);
}
} else
size_inner = pksizeof(eap_type_undefined);
return
config_method_tls::get_pk_size() +
size_inner +
pksizeof(m_inner->get_method_id()) +
pksizeof(*m_inner) +
pksizeof(m_anonymous_identity);
}
@@ -211,16 +262,8 @@ void eap::config_method_ttls::operator>>(_Inout_ cursor_in &cursor)
eap_type_t eap_type;
cursor >> eap_type;
switch (eap_type) {
case eap_type_pap:
m_inner.reset(new config_method_pap(m_module));
cursor >> *m_inner;
break;
default:
assert(0); // Unsupported inner authentication method type.
m_inner.reset(nullptr);
}
m_inner.reset(make_config_method(eap_type));
cursor >> *m_inner;
cursor >> m_anonymous_identity;
}
@@ -231,6 +274,40 @@ eap_type_t eap::config_method_ttls::get_method_id() const
}
const wchar_t* eap::config_method_ttls::get_method_str() const
{
return L"EAP-TTLS";
}
eap::credentials* eap::config_method_ttls::make_credentials() const
{
credentials_ttls *cred = new credentials_ttls(m_module);
cred->m_inner.reset(m_inner->make_credentials());
return cred;
}
eap::config_method_with_cred* eap::config_method_ttls::make_config_method(_In_ winstd::eap_type_t eap_type) const
{
switch (eap_type) {
case eap_type_tls : return new config_method_tls (m_module);
case eap_type_ttls: return new config_method_ttls(m_module);
case eap_type_pap : return new config_method_pap (m_module);
default : throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
}
}
eap::config_method_with_cred* eap::config_method_ttls::make_config_method(_In_ const wchar_t *eap_type) const
{
if (_wcsicmp(eap_type, L"EAP-TLS" ) == 0) return new config_method_tls (m_module);
else if (_wcsicmp(eap_type, L"EAP-TTLS") == 0) return new config_method_ttls(m_module);
else if (_wcsicmp(eap_type, L"PAP" ) == 0) return new config_method_pap (m_module);
else throw invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
}
wstring eap::config_method_ttls::get_public_identity(const credentials_ttls &cred) const
{
if (m_anonymous_identity.empty()) {

122
lib/TTLS/src/Credentials.cpp
View File

@@ -79,14 +79,13 @@ eap::config* eap::credentials_ttls::clone() const
void eap::credentials_ttls::clear()
{
credentials_tls::clear();
if (m_inner)
m_inner->clear();
m_inner->clear();
}
bool eap::credentials_ttls::empty() const
{
return credentials_tls::empty() && (!m_inner || m_inner->empty());
return credentials_tls::empty() && m_inner->empty();
}
@@ -97,20 +96,15 @@ void eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
credentials_tls::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr;
if (m_inner) {
// <InnerAuthenticationMethod>
winstd::com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if (FAILED(hr = eapxml::create_element(pDoc, winstd::bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <InnerAuthenticationMethod> element.");
// <InnerAuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), namespace_eapmetadata, &pXmlElInnerAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <InnerAuthenticationMethod> element.");
m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
if (FAILED(hr = pConfigRoot->appendChild(pXmlElInnerAuthenticationMethod, NULL)))
throw com_runtime_error(hr, __FUNCTION__ " Error appending <InnerAuthenticationMethod> element.");
}
// <InnerAuthenticationMethod>/...
m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
}
@@ -121,69 +115,34 @@ void eap::credentials_ttls::load(_In_ IXMLDOMNode *pConfigRoot)
credentials_tls::load(pConfigRoot);
// TODO: For the time being, there is no detection what type is inner method. Introduce one!
if (m_inner) {
com_obj<IXMLDOMNode> pXmlElInnerAuthenticationMethod;
if (FAILED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)))
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <InnerAuthenticationMethod> element.");
// Load inner credentials.
com_obj<IXMLDOMNode> pXmlElInnerAuthenticationMethod;
if (SUCCEEDED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)))
m_inner->load(pXmlElInnerAuthenticationMethod);
}
else
m_inner->clear();
}
void eap::credentials_ttls::operator<<(_Inout_ cursor_out &cursor) const
{
credentials_tls::operator<<(cursor);
if (m_inner) {
if (dynamic_cast<credentials_pap*>(m_inner.get())) {
cursor << eap_type_pap;
cursor << *m_inner;
} else {
assert(0); // Unsupported inner authentication method type.
cursor << eap_type_undefined;
}
} else
cursor << eap_type_undefined;
cursor << *m_inner;
}
size_t eap::credentials_ttls::get_pk_size() const
{
size_t size_inner;
if (m_inner) {
if (dynamic_cast<credentials_pap*>(m_inner.get())) {
size_inner =
pksizeof(eap_type_pap) +
pksizeof(*m_inner);
} else {
assert(0); // Unsupported inner authentication method type.
size_inner = pksizeof(eap_type_undefined);
}
} else
size_inner = pksizeof(eap_type_undefined);
return
credentials_tls::get_pk_size() +
size_inner;
pksizeof(*m_inner);
}
void eap::credentials_ttls::operator>>(_Inout_ cursor_in &cursor)
{
credentials_tls::operator>>(cursor);
eap_type_t eap_type;
cursor >> eap_type;
switch (eap_type) {
case eap_type_pap:
m_inner.reset(new credentials_pap(m_module));
cursor >> *m_inner;
break;
default:
assert(0); // Unsupported inner authentication method type.
m_inner.reset(nullptr);
}
cursor >> *m_inner;
}
@@ -193,8 +152,7 @@ void eap::credentials_ttls::store(_In_z_ LPCTSTR pszTargetName) const
credentials_tls::store(pszTargetName);
if (m_inner)
m_inner->store(pszTargetName);
m_inner->store(pszTargetName);
}
@@ -204,38 +162,38 @@ void eap::credentials_ttls::retrieve(_In_z_ LPCTSTR pszTargetName)
credentials_tls::retrieve(pszTargetName);
if (m_inner)
m_inner->retrieve(pszTargetName);
m_inner->retrieve(pszTargetName);
}
LPCTSTR eap::credentials_ttls::target_suffix() const
{
assert(0); // Not that we would ever store inner&outer credentials to Windows Credential Manager joined, but for completness sake... Here we go:
return _T("TTLS");
}
std::wstring eap::credentials_ttls::get_identity() const
wstring eap::credentials_ttls::get_identity() const
{
// Outer identity has the right-of-way.
if (!credentials_tls::empty())
return credentials_tls::get_identity();
wstring identity(credentials_tls::get_identity());
if (!identity.empty())
return identity;
// Inner identity.
if (m_inner)
return m_inner->get_identity();
return L"";
return m_inner->get_identity();
}
pair<eap::credentials::source_t, eap::credentials::source_t> eap::credentials_ttls::combine(
_In_ const credentials_ttls *cred_cached,
_In_ const config_method_ttls &cfg,
_In_opt_z_ LPCTSTR pszTargetName)
eap::credentials::source_t eap::credentials_ttls::combine(
_In_ const credentials *cred_cached,
_In_ const config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName)
{
return pair<source_t, source_t>(
credentials_tls::combine(cred_cached, cfg, pszTargetName),
dynamic_cast<const credentials_pap*>(m_inner.get()) ? ((credentials_pap*)m_inner.get())->combine(cred_cached ? (credentials_pap*)cred_cached->m_inner.get() : NULL, (const config_method_pap&)*cfg.m_inner, pszTargetName) : source_unknown);
// Combine outer credentials.
source_t src_outer = credentials_tls::combine(
cred_cached,
cfg,
pszTargetName);
// Combine inner credentials.
source_t src_inner = m_inner->combine(
cred_cached ? ((const credentials_ttls*)cred_cached)->m_inner.get() : NULL,
*((const config_method_ttls&)cfg).m_inner,
pszTargetName);
return std::min<source_t>(src_outer, src_inner);
}

270
lib/TTLS/src/Method.cpp
View File

@@ -28,18 +28,25 @@ using namespace winstd;
// eap::method_ttls
//////////////////////////////////////////////////////////////////////
eap::method_ttls::method_ttls(_In_ module &module, _In_ config_connection &cfg, _In_ credentials_ttls &cred) :
eap::method_ttls::method_ttls(_In_ module &module, _In_ config_method_ttls &cfg, _In_ credentials_ttls &cred) :
m_cfg(cfg),
m_cred(cred),
m_version(version_0),
m_inner_packet_id(0),
m_size_inner_packet_max(0),
method_tls(module, cfg, cred)
{
}
eap::method_ttls::method_ttls(_Inout_ method_ttls &&other) :
m_cred(other.m_cred),
m_version(std::move(other.m_version)),
method_tls(std::move(other))
m_cfg ( other.m_cfg ),
m_cred ( other.m_cred ),
m_version (std::move(other.m_version )),
m_inner (std::move(other.m_inner )),
m_inner_packet_id (std::move(other.m_inner_packet_id )),
m_size_inner_packet_max(std::move(other.m_size_inner_packet_max)),
method_tls (std::move(other ))
{
}
@@ -47,14 +54,42 @@ eap::method_ttls::method_ttls(_Inout_ method_ttls &&other) :
eap::method_ttls& eap::method_ttls::operator=(_Inout_ method_ttls &&other)
{
if (this != std::addressof(other)) {
(method_tls&)*this = std::move(other);
m_version = std::move(other.m_version);
(method_tls&)*this = std::move(other );
m_version = std::move(other.m_version );
m_inner = std::move(other.m_inner );
m_inner_packet_id = std::move(other.m_inner_packet_id );
m_size_inner_packet_max = std::move(other.m_size_inner_packet_max);
}
return *this;
}
void eap::method_ttls::begin_session(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
_In_ DWORD dwMaxSendPacketSize)
{
method_tls::begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize);
// Initialize inner method.
switch (m_cfg.m_inner->get_method_id()) {
case eap_type_pap: m_inner.reset(new method_pap(m_module, (config_method_pap&)*m_cfg.m_inner, (credentials_pap&)*m_cred.m_inner.get()));
default: invalid_argument(__FUNCTION__ " Unsupported inner authentication method.");
}
m_inner->begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, m_size_inner_packet_max = dwMaxSendPacketSize); // TODO: Maximum inner packet size should have subtracted TLS overhead
m_inner_packet_id = 0;
}
void eap::method_ttls::end_session()
{
m_inner->end_session();
method_tls::end_session();
}
void eap::method_ttls::process_request_packet(
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_In_ DWORD dwReceivedPacketSize,
@@ -71,22 +106,6 @@ void eap::method_ttls::process_request_packet(
// Do the TLS.
method_tls::process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput);
#if EAP_TLS < EAP_TLS_SCHANNEL
if (m_phase == phase_application_data) {
// Send inner authentication.
if (!m_state_client.m_alg_encrypt)
throw runtime_error(__FUNCTION__ " Refusing to send credentials unencrypted.");
m_module.log_event(&EAPMETHOD_TTLS_INNER_CRED, event_data((unsigned int)eap_type_ttls), event_data(m_cred.m_inner->get_name()), event_data::blank);
m_packet_res.m_code = EapCodeResponse;
m_packet_res.m_id = m_packet_req.m_id;
m_packet_res.m_flags = 0;
sanitizing_blob msg_application(make_message(tls_message_type_application_data, make_pap_client()));
m_packet_res.m_data.insert(m_packet_res.m_data.end(), msg_application.begin(), msg_application.end());
}
#endif
}
@@ -111,29 +130,12 @@ void eap::method_ttls::get_result(
// Do the TLS.
method_tls::get_result(reason, ppResult);
} else {
// The TLS finished, this is inner authentication's bussines.
config_provider &cfg_prov(m_cfg.m_providers.front());
config_method_ttls *cfg_method = dynamic_cast<config_method_ttls*>(cfg_prov.m_methods.front().get());
assert(cfg_method);
// Get inner method result.
EapPeerMethodResult result = {};
m_inner->get_result(reason, &result);
switch (reason) {
case EapPeerMethodResultSuccess: {
m_module.log_event(&EAPMETHOD_TTLS_INNER_SUCCESS, event_data((unsigned int)eap_type_ttls), event_data::blank);
cfg_method->m_inner->m_auth_failed = false;
break;
}
case EapPeerMethodResultFailure:
m_module.log_event(&EAPMETHOD_TTLS_INNER_FAILURE, event_data((unsigned int)eap_type_ttls), event_data::blank);
// Mark credentials as failed, so GUI can re-prompt user.
// But be careful: do so only if this happened after transition from handshake to application data phase.
cfg_method->m_inner->m_auth_failed = m_phase_prev < phase_application_data;
break;
default:
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
if (result.fSaveConnectionData)
ppResult->fSaveConnectionData = TRUE;
#if EAP_TLS >= EAP_TLS_SCHANNEL
// EAP-TTLS uses different label in PRF for MSK derivation than EAP-TLS.
@@ -143,8 +145,6 @@ void eap::method_ttls::get_result(
if (FAILED(status))
throw sec_runtime_error(status, __FUNCTION__ "Error setting EAP-TTLS PRF in Schannel.");
#endif
// The TLS was OK.
method_tls::get_result(EapPeerMethodResultSuccess, ppResult);
// Do not report failure to EapHost, as it will not save updated configuration then. But we need it to save it, to alert user on next connection attempt.
@@ -192,121 +192,97 @@ void eap::method_ttls::derive_msk()
_key_block += sizeof(tls_random);
}
#else
#endif
void eap::method_ttls::process_application_data(_In_bytecount_(size_msg) const void *msg, _In_ size_t size_msg)
{
UNREFERENCED_PARAMETER(msg);
UNREFERENCED_PARAMETER(size_msg);
// Prepare inner authentication.
#if EAP_TLS < EAP_TLS_SCHANNEL
if (!m_state_client.m_alg_encrypt)
#else
if (!(m_sc_ctx.m_attrib & ISC_RET_CONFIDENTIALITY))
throw runtime_error(__FUNCTION__ " Refusing to send credentials unencrypted.");
#endif
throw runtime_error(__FUNCTION__ " Refusing to continue with inner authentication unencrypted.");
m_module.log_event(&EAPMETHOD_TTLS_INNER_CRED, event_data((unsigned int)eap_type_ttls), event_data(m_cred.m_inner->get_name()), event_data::blank);
EapPeerMethodOutput eap_output = {};
eap_type_t eap_type = m_cfg.m_inner->get_method_id();
if (eap_type_noneap_start <= eap_type && eap_type < eap_type_noneap_end) {
// Inner method is natively non-EAP. Server sent raw data, but all our eap::method derived classes expect EAP encapsulated.
// Encapsulate in an EAP packet.
assert(size_msg < 0xffff);
unsigned short size_packet = (unsigned short)size_msg + 4;
sanitizing_blob packet;
packet.reserve(size_packet);
packet.push_back(EapCodeRequest);
packet.push_back(m_inner_packet_id++);
unsigned short size2 = htons(size_packet);
packet.insert(packet.end(), (unsigned char*)&size2, (unsigned char*)(&size2 + 1));
packet.insert(packet.end(), (unsigned char*)msg, (unsigned char*)msg + size_msg);
m_inner->process_request_packet((const EapPacket*)packet.data(), size_packet, &eap_output);
} else {
// Inner packet is EAP-aware.
m_inner->process_request_packet((const EapPacket*)msg, (DWORD)size_msg, &eap_output);
}
SECURITY_STATUS status;
switch (eap_output.action) {
case EapPeerMethodResponseActionSend: {
// Retrieve inner packet and send it.
// Get maximum message sizes.
SecPkgContext_StreamSizes sizes;
status = QueryContextAttributes(m_sc_ctx, SECPKG_ATTR_STREAM_SIZES, &sizes);
if (FAILED(status))
throw sec_runtime_error(status, __FUNCTION__ " Error getting Schannel required encryption sizes.");
// Get maximum message size and allocate memory for response packet.
#if EAP_TLS < EAP_TLS_SCHANNEL
m_packet_res.m_code = EapCodeResponse;
m_packet_res.m_id = m_packet_req.m_id;
m_packet_res.m_flags = 0;
// Make PAP message.
sanitizing_blob msg_pap(make_pap_client());
assert(msg_pap.size() < sizes.cbMaximumMessage);
unsigned long size_data = std::min<unsigned long>(sizes.cbMaximumMessage, (unsigned long)msg_pap.size()); // Truncate
DWORD size_data = m_size_inner_packet_max;
sanitizing_blob data(size_data, 0);
unsigned char *ptr_data = data.data();
#else
SecPkgContext_StreamSizes sizes;
SECURITY_STATUS status = QueryContextAttributes(m_sc_ctx, SECPKG_ATTR_STREAM_SIZES, &sizes);
if (FAILED(status))
throw sec_runtime_error(status, __FUNCTION__ " Error getting Schannel required encryption sizes.");
sanitizing_blob data(sizes.cbHeader + size_data + sizes.cbTrailer, 0);
memcpy(data.data() + sizes.cbHeader, msg_pap.data(), size_data);
sanitizing_blob data(sizes.cbHeader + m_size_inner_packet_max + sizes.cbTrailer, 0);
DWORD size_data = m_size_inner_packet_max;
unsigned char *ptr_data = data.data() + sizes.cbHeader;
#endif
m_inner->get_response_packet((EapPacket*)ptr_data, &size_data);
// Prepare input/output buffer(s).
SecBuffer buf[] = {
{ sizes.cbHeader, SECBUFFER_STREAM_HEADER , data.data() },
{ size_data, SECBUFFER_DATA , data.data() + sizes.cbHeader },
{ sizes.cbTrailer, SECBUFFER_STREAM_TRAILER, data.data() + sizes.cbHeader + size_data },
{ 0, SECBUFFER_EMPTY , NULL },
};
SecBufferDesc buf_desc = {
SECBUFFER_VERSION,
_countof(buf),
buf
};
if (eap_type_noneap_start <= eap_type && eap_type < eap_type_noneap_end) {
// Inner method is non-EAP. Strip EAP header, since server expect raw data.
memmove(ptr_data, ptr_data + 4, size_data -= 4);
}
// Encrypt the message.
status = EncryptMessage(m_sc_ctx, 0, &buf_desc, 0);
if (FAILED(status))
throw sec_runtime_error(status, __FUNCTION__ " Error encrypting message.");
m_packet_res.m_data.insert(m_packet_res.m_data.end(), (const unsigned char*)buf[0].pvBuffer, (const unsigned char*)buf[0].pvBuffer + buf[0].cbBuffer + buf[1].cbBuffer + buf[2].cbBuffer);
}
#if EAP_TLS < EAP_TLS_SCHANNEL
data.resize(size_data);
sanitizing_blob msg_application(make_message(tls_message_type_application_data, std::move(data)));
m_packet_res.m_data.insert(m_packet_res.m_data.end(), msg_application.begin(), msg_application.end());
#else
// Prepare input/output buffer(s).
SecBuffer buf[] = {
{ sizes.cbHeader, SECBUFFER_STREAM_HEADER , data.data() },
{ size_data, SECBUFFER_DATA , ptr_data },
{ sizes.cbTrailer, SECBUFFER_STREAM_TRAILER, ptr_data + size_data },
{ 0, SECBUFFER_EMPTY , NULL },
};
SecBufferDesc buf_desc = {
SECBUFFER_VERSION,
_countof(buf),
buf
};
// Encrypt the message.
status = EncryptMessage(m_sc_ctx, 0, &buf_desc, 0);
if (FAILED(status))
throw sec_runtime_error(status, __FUNCTION__ " Error encrypting message.");
m_packet_res.m_data.insert(m_packet_res.m_data.end(), (const unsigned char*)buf[0].pvBuffer, (const unsigned char*)buf[0].pvBuffer + buf[0].cbBuffer + buf[1].cbBuffer + buf[2].cbBuffer);
#endif
break;
}
eap::sanitizing_blob eap::method_ttls::make_pap_client() const
{
const credentials_pap *cred = dynamic_cast<credentials_pap*>(m_cred.m_inner.get());
if (!cred)
throw invalid_argument(__FUNCTION__ " Inner credentials missing or not PAP.");
// Convert username and password to UTF-8.
sanitizing_string identity_utf8, password_utf8;
WideCharToMultiByte(CP_UTF8, 0, cred->m_identity.c_str(), (int)cred->m_identity.length(), identity_utf8, NULL, NULL);
WideCharToMultiByte(CP_UTF8, 0, cred->m_password.c_str(), (int)cred->m_password.length(), password_utf8, NULL, NULL);
// PAP passwords must be padded to 16B boundary according to RFC 5281. Will not add random extra padding here, as length obfuscation should be done by TLS encryption layer.
size_t padding_password_ex = (16 - password_utf8.length()) % 16;
password_utf8.append(padding_password_ex, 0);
size_t
size_identity = identity_utf8.length(),
size_password = password_utf8.length(),
padding_identity = (4 - size_identity ) % 4,
padding_password = (4 - password_utf8.length()) % 4,
size_identity_outer,
size_password_outer;
sanitizing_blob msg;
msg.reserve(
(size_identity_outer =
4 + // Diameter AVP Code
4 + // Diameter AVP Flags & Length
size_identity) + // Identity
padding_identity + // Identity padding
(size_password_outer =
4 + // Diameter AVP Code
4 + // Diameter AVP Flags & Length
size_password) + // Password
padding_password); // Password padding
// Diameter AVP Code User-Name (0x00000001)
msg.push_back(0x00);
msg.push_back(0x00);
msg.push_back(0x00);
msg.push_back(0x01);
// Diameter AVP Flags & Length
unsigned int identity_hdr = htonl((diameter_avp_flag_mandatory << 24) | (unsigned int)size_identity_outer);
msg.insert(msg.end(), (unsigned char*)&identity_hdr, (unsigned char*)(&identity_hdr + 1));
// Identity
msg.insert(msg.end(), identity_utf8.begin(), identity_utf8.end());
msg.insert(msg.end(), padding_identity, 0);
// Diameter AVP Code User-Password (0x00000002)
msg.push_back(0x00);
msg.push_back(0x00);
msg.push_back(0x00);
msg.push_back(0x02);
// Diameter AVP Flags & Length
unsigned int password_hdr = htonl((diameter_avp_flag_mandatory << 24) | (unsigned int)size_password_outer);
msg.insert(msg.end(), (unsigned char*)&password_hdr, (unsigned char*)(&password_hdr + 1));
// Password
msg.insert(msg.end(), password_utf8.begin(), password_utf8.end());
msg.insert(msg.end(), padding_password, 0);
return msg;
default:
throw invalid_argument(string_printf(__FUNCTION__ " Inner method returned an unsupported action (action %u).", eap_output.action).c_str());
}
}

236
lib/TTLS/src/Module.cpp
View File

@@ -76,81 +76,29 @@ void eap::peer_ttls::get_identity(
// Unpack configuration.
config_connection cfg(*this);
unpack(cfg, pConnectionData, dwConnectionDataSize);
if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty())
throw invalid_argument(__FUNCTION__ " Configuration has no providers and/or methods.");
// Get method configuration.
const config_provider &cfg_prov(cfg.m_providers.front());
const config_method_ttls *cfg_method = dynamic_cast<const config_method_ttls*>(cfg_prov.m_methods.front().get());
assert(cfg_method);
// Combine credentials.
credentials_connection cred_out(*this, cfg);
const config_method_ttls *cfg_method = combine_credentials(dwFlags, cfg, pUserData, dwUserDataSize, cred_out, hTokenImpersonateUser);
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
// Unpack cached credentials.
credentials_ttls cred_in(*this);
if (dwUserDataSize)
unpack(cred_in, pUserData, dwUserDataSize);
#else
UNREFERENCED_PARAMETER(pUserData);
UNREFERENCED_PARAMETER(dwUserDataSize);
#endif
credentials_ttls cred_out(*this);
// Determine inner credential type.
eap_type_t type_inner;
if (dynamic_cast<const config_method_pap*>(cfg_method->m_inner.get())) {
cred_out.m_inner.reset(new credentials_pap(*this));
type_inner = eap_type_pap;
if (cfg_method) {
// No UI will be necessary.
*pfInvokeUI = FALSE;
} else {
assert(0); // Unsupported inner authentication method type.
type_inner = eap_type_undefined;
}
{
// Combine credentials.
user_impersonator impersonating(hTokenImpersonateUser);
pair<eap::credentials::source_t, eap::credentials::source_t> cred_source(cred_out.combine(
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
&cred_in,
#else
NULL,
#endif
*cfg_method,
(dwFlags & EAP_FLAG_GUEST_ACCESS) == 0 ? cfg_prov.m_id.c_str() : NULL));
// If either of credentials is unknown, request UI.
*pfInvokeUI = cred_source.first == eap::credentials::source_unknown || cred_source.second == eap::credentials::source_unknown ? TRUE : FALSE;
}
if (*pfInvokeUI) {
// Credentials missing or incomplete.
if ((dwFlags & EAP_FLAG_MACHINE_AUTH) == 0) {
// Per-user authentication
// Per-user authentication, request UI.
log_event(&EAPMETHOD_TRACE_EVT_CRED_INVOKE_UI2, event_data::blank);
*pfInvokeUI = TRUE;
return;
} else {
// Per-machine authentication
// Per-machine authentication, cannot use UI.
throw win_runtime_error(ERROR_NO_SUCH_USER, __FUNCTION__ " Credentials for per-machine authentication not available.");
}
}
// If we got here, we have all credentials we need. But, wait!
if (cfg_method->m_auth_failed) {
// Outer TLS: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM, event_data((unsigned int)eap_type_tls), event_data::blank);
*pfInvokeUI = TRUE;
return;
}
if (cfg_method->m_inner->m_auth_failed) {
// Inner: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM, event_data((unsigned int)type_inner), event_data::blank);
*pfInvokeUI = TRUE;
return;
}
// Build our identity. ;)
wstring identity(std::move(cfg_method->get_public_identity(cred_out)));
wstring identity(std::move(cfg_method->get_public_identity((const credentials_ttls&)*cred_out.m_cred)));
log_event(&EAPMETHOD_TRACE_EVT_CRED_OUTER_ID1, event_data((unsigned int)eap_type_ttls), event_data(identity), event_data::blank);
size_t size = sizeof(WCHAR)*(identity.length() + 1);
*ppwszIdentity = (WCHAR*)alloc_memory(size);
@@ -254,8 +202,26 @@ EAP_SESSION_HANDLE eap::peer_ttls::begin_session(
// Unpack credentials.
unpack(s->m_cred, pUserData, dwUserDataSize);
config_method_ttls *cfg_method;
for (config_connection::provider_list::iterator cfg_prov = s->m_cfg.m_providers.begin(), cfg_prov_end = s->m_cfg.m_providers.end();; ++cfg_prov) {
if (cfg_prov != cfg_prov_end) {
if (_wcsicmp(cfg_prov->m_id.c_str(), s->m_cred.m_id.c_str()) == 0) {
// Matching provider found.
if (cfg_prov->m_methods.empty())
throw invalid_argument(string_printf(__FUNCTION__ " %ls provider has no methods.", cfg_prov->m_id.c_str()).c_str());
cfg_method = dynamic_cast<config_method_ttls*>(cfg_prov->m_methods.front().get());
break;
}
} else
throw invalid_argument(string_printf(__FUNCTION__ " Credentials do not match to any provider ID within this connection configuration (provider ID: %ls).", s->m_cred.m_id.c_str()).c_str());
}
// We have configuration, we have credentials, create method.
s->m_method.reset(new method_ttls(*this, *cfg_method, *(credentials_ttls*)s->m_cred.m_cred.get()));
// Initialize method.
s->m_method.begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize);
s->m_method->begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize);
return s.release();
}
@@ -279,7 +245,7 @@ void eap::peer_ttls::process_request_packet(
_Inout_ EapPeerMethodOutput *pEapOutput)
{
assert(dwReceivedPacketSize == ntohs(*(WORD*)pReceivedPacket->Length));
static_cast<session*>(hSession)->m_method.process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput);
static_cast<session*>(hSession)->m_method->process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput);
}
@@ -288,7 +254,7 @@ void eap::peer_ttls::get_response_packet(
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Inout_ DWORD *pdwSendPacketSize)
{
static_cast<session*>(hSession)->m_method.get_response_packet(pSendPacket, pdwSendPacketSize);
static_cast<session*>(hSession)->m_method->get_response_packet(pSendPacket, pdwSendPacketSize);
}
@@ -297,7 +263,27 @@ void eap::peer_ttls::get_result(
_In_ EapPeerMethodResultReason reason,
_Inout_ EapPeerMethodResult *ppResult)
{
static_cast<session*>(hSession)->m_method.get_result(reason, ppResult);
session *s = static_cast<session*>(hSession);
s->m_method->get_result(reason, ppResult);
s->m_eap_attr_desc.dwNumberOfAttributes = (DWORD)s->m_method->m_eap_attr.size();
s->m_eap_attr_desc.pAttribs = s->m_method->m_eap_attr.data();
ppResult->pAttribArray = &s->m_eap_attr_desc;
if (ppResult->fSaveConnectionData) {
pack(s->m_cfg, &ppResult->pConnectionData, &ppResult->dwSizeofConnectionData);
if (s->m_blob_cfg)
free_memory(s->m_blob_cfg);
s->m_blob_cfg = ppResult->pConnectionData;
}
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
ppResult->fSaveUserData = TRUE;
pack(s->m_cred, &ppResult->pUserData, &ppResult->dwSizeofUserData);
if (s->m_blob_cred)
free_memory(s->m_blob_cred);
s->m_blob_cred = ppResult->pUserData;
#endif
}
@@ -351,3 +337,119 @@ void eap::peer_ttls::set_response_attributes(
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
const eap::config_method_ttls* eap::peer_ttls::combine_credentials(
_In_ DWORD dwFlags,
_In_ const config_connection &cfg,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ DWORD dwUserDataSize,
_Out_ credentials_connection& cred_out,
_In_ HANDLE hTokenImpersonateUser)
{
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
// Unpack cached credentials.
credentials_connection cred_in(*this, cfg);
if (dwUserDataSize)
unpack(cred_in, pUserData, dwUserDataSize);
#else
UNREFERENCED_PARAMETER(pUserData);
UNREFERENCED_PARAMETER(dwUserDataSize);
#endif
user_impersonator impersonating(hTokenImpersonateUser);
for (config_connection::provider_list::const_iterator cfg_prov = cfg.m_providers.cbegin(), cfg_prov_end = cfg.m_providers.cend(); cfg_prov != cfg_prov_end; ++cfg_prov) {
// Get method configuration.
if (cfg_prov->m_methods.empty()) {
log_event(&EAPMETHOD_TRACE_EVT_CRED_NO_METHOD, event_data(cfg_prov->m_id), event_data::blank);
continue;
}
const config_method_ttls *cfg_method = dynamic_cast<const config_method_ttls*>(cfg_prov->m_methods.front().get());
assert(cfg_method);
// Combine credentials. We could use eap::credentials_ttls() to do all the work, but we would not know which credentials is missing then.
credentials_ttls *cred = (credentials_ttls*)cfg_method->make_credentials();
cred_out.m_cred.reset(cred);
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
bool is_own = cred_in.m_cred && _wcsicmp(cred_in.m_id.c_str(), cfg_prov->m_id.c_str()) == 0;
#endif
// Combine outer credentials.
LPCTSTR target_name = (dwFlags & EAP_FLAG_GUEST_ACCESS) == 0 ? cfg_prov->m_id.c_str() : NULL;
eap::credentials::source_t src_outer = cred->credentials_tls::combine(
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
is_own ? cred_in.m_cred.get() : NULL,
#else
NULL,
#endif
*cfg_method,
target_name);
if (src_outer == eap::credentials::source_unknown) {
log_event(&EAPMETHOD_TRACE_EVT_CRED_UNKNOWN3, event_data(cfg_prov->m_id), event_data((unsigned int)eap_type_tls), event_data::blank);
continue;
}
// Combine inner credentials.
eap::credentials::source_t src_inner = cred->m_inner->combine(
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
is_own ? ((credentials_ttls*)cred_in.m_cred.get())->m_inner.get() : NULL,
#else
NULL,
#endif
*cfg_method->m_inner,
target_name);
if (src_inner == eap::credentials::source_unknown) {
log_event(&EAPMETHOD_TRACE_EVT_CRED_UNKNOWN3, event_data(cfg_prov->m_id), event_data((unsigned int)cfg_method->m_inner->get_method_id()), event_data::blank);
continue;
}
// If we got here, we have all credentials we need. But, wait!
if ((dwFlags & EAP_FLAG_MACHINE_AUTH) == 0) {
if (cfg_method->m_auth_failed) {
// Outer: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM1, event_data(cfg_prov->m_id), event_data((unsigned int)eap_type_tls), event_data::blank);
continue;
}
if (cfg_method->m_inner->m_auth_failed) {
// Inner: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM1, event_data(cfg_prov->m_id), event_data((unsigned int)cfg_method->m_inner->get_method_id()), event_data::blank);
continue;
}
}
cred_out.m_id = cfg_prov->m_id;
return cfg_method;
}
return NULL;
}
//////////////////////////////////////////////////////////////////////
// eap::peer_ttls::session
//////////////////////////////////////////////////////////////////////
eap::peer_ttls::session::session(_In_ module &mod) :
m_module(mod),
m_cfg(mod),
m_cred(mod, m_cfg),
m_blob_cfg(NULL)
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
, m_blob_cred(NULL)
#endif
{}
eap::peer_ttls::session::~session()
{
if (m_blob_cfg)
m_module.free_memory(m_blob_cfg);
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
if (m_blob_cred)
m_module.free_memory(m_blob_cred);
#endif
}

4
lib/TTLS/src/StdAfx.h
View File

@@ -25,6 +25,10 @@
#include "../include/Method.h"
#include "../include/Module.h"
#include "../../PAP/include/Config.h"
#include "../../PAP/include/Credentials.h"
#include "../../PAP/include/Method.h"
#include "../../EAPBase/include/EAPXML.h"
#include <WinStd/EAP.h>

22
lib/TTLS_UI/include/TTLS_UI.h
View File

@@ -40,6 +40,7 @@ class wxTTLSCredentialsPanel;
#include "../../TLS_UI/include/TLS_UI.h"
#include "../../TTLS/include/Config.h"
#include "../../PAP/include/Config.h"
#include <WinStd/Win.h>
@@ -75,14 +76,19 @@ class wxTTLSConfigWindow : public wxEAPConfigWindow
{
public:
///
/// Constructs a configuration panel
/// Constructs a configuration window
///
/// \param[in] prov Provider configuration data
/// \param[inout] cfg Configuration data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window
///
wxTTLSConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
wxTTLSConfigWindow(eap::config_provider &prov, eap::config_method &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
///
/// Destructs the configuration window
///
virtual ~wxTTLSConfigWindow();
protected:
/// \cond internal
@@ -131,12 +137,12 @@ protected:
/// \endcond
public:
wxTLSCredentialsPanel *m_outer_cred; ///< Outer credentials panel
wxPanel *m_inner_cred; ///< Inner credentials panel
wxTLSCredentialsPanel *m_outer_cred; ///< Outer credentials panel
wxEAPCredentialsPanelBase *m_inner_cred; ///< Inner credentials panel
protected:
const eap::config_provider &m_prov; ///< EAP provider
const eap::config_method_ttls &m_cfg; ///< TTLS configuration
wxStaticText *m_outer_title; ///< Outer authentication title
wxStaticText *m_inner_title; ///< Inner authentication title
const eap::config_provider &m_prov; ///< EAP provider
const eap::config_method_ttls &m_cfg; ///< TTLS configuration
wxStaticText *m_outer_title; ///< Outer authentication title
wxStaticText *m_inner_title; ///< Inner authentication title
};

2
lib/TTLS_UI/res/wxTTLS_UI.cpp
View File

@@ -26,7 +26,7 @@ wxTTLSConfigPanelBase::wxTTLSConfigPanelBase( wxWindow* parent, wxWindowID id, c
sb_outer_identity_vert = new wxBoxSizer( wxVERTICAL );
m_outer_identity_label = new wxStaticText( sb_outer_identity->GetStaticBox(), wxID_ANY, _("Select the user ID supplicant introduces itself as to authenticator:"), wxDefaultPosition, wxDefaultSize, 0 );
m_outer_identity_label->Wrap( 446 );
m_outer_identity_label->Wrap( 445 );
sb_outer_identity_vert->Add( m_outer_identity_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_outer_identity_radio;

2
lib/TTLS_UI/res/wxTTLS_UI.fbp
View File

@@ -242,7 +242,7 @@
<property name="window_extra_style"></property>
<property name="window_name"></property>
<property name="window_style"></property>
<property name="wrap">446</property>
<property name="wrap">445</property>
<event name="OnChar"></event>
<event name="OnEnterWindow"></event>
<event name="OnEraseBackground"></event>

295
lib/TTLS_UI/src/Module.cpp
View File

@@ -23,6 +23,24 @@
using namespace std;
using namespace winstd;
static wxCriticalSection s_lock;
static unsigned long s_init_ref_count = 0;
//////////////////////////////////////////////////////////////////////
// wxInitializerPeer
//////////////////////////////////////////////////////////////////////
class wxInitializerPeer
{
public:
wxInitializerPeer(_In_ HINSTANCE instance);
virtual ~wxInitializerPeer();
protected:
wxLocale m_locale; ///< Locale
};
//////////////////////////////////////////////////////////////////////
// eap::peer_ttls_ui
@@ -87,45 +105,30 @@ void eap::peer_ttls_ui::invoke_config_ui(
// Load existing configuration.
unpack(cfg, pConnectionDataIn, dwConnectionDataInSize);
} else {
// This is a blank network profile. Create default configuraton.
// Start with PAP inner configuration.
unique_ptr<config_method_ttls> cfg_method(new config_method_ttls(*this));
cfg_method->m_inner.reset(new config_method_pap(*this));
cfg_method->m_anonymous_identity = L"@";
cfg_method->m_use_preshared = true;
cfg_method->m_preshared.reset(new credentials_tls(*this));
// Start with one method.
config_provider cfg_provider(*this);
cfg_provider.m_methods.push_back(std::move(cfg_method));
// Start with one provider.
cfg.m_providers.push_back(std::move(cfg_provider));
// This is a blank network profile. `cfg` is already set to defaults.
}
// Initialize application.
new wxApp();
wxEntryStart(m_instance);
int result;
{
// Create wxWidget-approved parent window.
wxWindow parent;
parent.SetHWND((WXHWND)(hwndParent ? hwndParent : GetForegroundWindow()));
parent.AdoptAttributesFromHWND();
wxTopLevelWindows.Append(&parent);
// Initialize application.
wxInitializerPeer init(m_instance);
// Create and launch configuration dialog.
wxEAPConfigDialog<wxTTLSConfigWindow> dlg(cfg, &parent);
result = dlg.ShowModal();
{
// Create wxWidget-approved parent window.
wxWindow parent;
parent.SetHWND((WXHWND)(hwndParent ? hwndParent : GetForegroundWindow()));
parent.AdoptAttributesFromHWND();
wxTopLevelWindows.Append(&parent);
wxTopLevelWindows.DeleteObject(&parent);
parent.SetHWND((WXHWND)NULL);
// Create and launch configuration dialog.
wxEAPConfigDialog<wxTTLSConfigWindow> dlg(cfg, &parent);
result = dlg.ShowModal();
wxTopLevelWindows.DeleteObject(&parent);
parent.SetHWND((WXHWND)NULL);
}
}
// Clean-up and return.
wxEntryCleanup();
if (result != wxID_OK)
throw win_runtime_error(ERROR_CANCELLED, __FUNCTION__ " Cancelled.");
@@ -150,17 +153,10 @@ void eap::peer_ttls_ui::invoke_identity_ui(
// Unpack configuration.
config_connection cfg(*this);
unpack(cfg, pConnectionData, dwConnectionDataSize);
if (cfg.m_providers.empty() || cfg.m_providers.front().m_methods.empty())
throw invalid_argument(__FUNCTION__ " Configuration has no providers and/or methods.");
// Get method configuration.
const config_provider &cfg_prov(cfg.m_providers.front());
config_method_ttls *cfg_method = dynamic_cast<config_method_ttls*>(cfg_prov.m_methods.front().get());
assert(cfg_method);
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
// Unpack cached credentials.
credentials_ttls cred_in(*this);
credentials_connection cred_in(*this, cfg);
if (dwUserDataSize)
unpack(cred_in, pUserData, dwUserDataSize);
#else
@@ -168,94 +164,140 @@ void eap::peer_ttls_ui::invoke_identity_ui(
UNREFERENCED_PARAMETER(dwUserDataSize);
#endif
credentials_ttls cred_out(*this);
credentials_connection cred_out(*this, cfg);
config_method_ttls *cfg_method = NULL;
// Determine inner credential type.
eap_type_t type_inner;
if (dynamic_cast<const config_method_pap*>(cfg_method->m_inner.get())) {
cred_out.m_inner.reset(new credentials_pap(*this));
type_inner = eap_type_pap;
} else {
assert(0); // Unsupported inner authentication method type.
type_inner = eap_type_undefined;
}
// Combine credentials.
pair<eap::credentials::source_t, eap::credentials::source_t> cred_source(cred_out.combine(
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
&cred_in,
#else
NULL,
#endif
*cfg_method,
(dwFlags & EAP_FLAG_GUEST_ACCESS) == 0 ? cfg_prov.m_id.c_str() : NULL));
if (dwFlags & EAP_FLAG_GUEST_ACCESS) {
// Disable credential saving for guests.
cfg_method->m_allow_save = false;
cfg_method->m_inner->m_allow_save = false;
}
// Initialize application.
new wxApp();
wxEntryStart(m_instance);
vector<pair<config_method_ttls*, credentials_connection> > cred_method_store;
cred_method_store.reserve(cfg.m_providers.size());
int result;
{
// Create wxWidget-approved parent window.
wxWindow parent;
parent.SetHWND((WXHWND)(hwndParent ? hwndParent : GetForegroundWindow()));
parent.AdoptAttributesFromHWND();
wxTopLevelWindows.Append(&parent);
// Initialize application.
wxInitializerPeer init(m_instance);
// Create credentials dialog.
wxEAPCredentialsDialog dlg(cfg_prov, &parent);
wxTTLSCredentialsPanel *panel = new wxTTLSCredentialsPanel(cfg_prov, *cfg_method, cred_out, cfg_prov.m_id.c_str(), &dlg);
dlg.AddContent(panel);
{
// Create wxWidget-approved parent window.
wxWindow parent;
parent.SetHWND((WXHWND)(hwndParent ? hwndParent : GetForegroundWindow()));
parent.AdoptAttributesFromHWND();
wxTopLevelWindows.Append(&parent);
// Set "Remember" checkboxes according to credential source,
panel->m_outer_cred->SetRememberValue(cred_source.first == eap::credentials::source_storage);
wxPAPCredentialsPanel *panel_inner_cred_pap = dynamic_cast<wxPAPCredentialsPanel*>(panel->m_inner_cred);
if (panel_inner_cred_pap)
panel_inner_cred_pap->SetRememberValue(cred_source.second == eap::credentials::source_storage);
// Centre and display dialog.
dlg.Centre(wxBOTH);
result = dlg.ShowModal();
if (result == wxID_OK) {
// Write credentials to credential manager.
if (panel->m_outer_cred->GetRememberValue()) {
try {
cred_out.credentials_tls::store(cfg_prov.m_id.c_str());
} catch (winstd::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error writing credentials to Credential Manager: %hs (error %u)"), err.what(), err.number()).c_str());
} catch (...) {
wxLogError(_("Writing credentials failed."));
// Create credentials dialog and populate it with providers.
bool combined = false;
wxEAPCredentialsConnectionDialog dlg(&parent);
for (config_connection::provider_list::iterator cfg_prov = cfg.m_providers.begin(), cfg_prov_end = cfg.m_providers.end(); cfg_prov != cfg_prov_end; ++cfg_prov) {
// Get method configuration.
if (cfg_prov->m_methods.empty()) {
log_event(&EAPMETHOD_TRACE_EVT_CRED_NO_METHOD, event_data(cfg_prov->m_id), event_data::blank);
continue;
}
config_method_ttls *cfg_method = dynamic_cast<config_method_ttls*>(cfg_prov->m_methods.front().get());
assert(cfg_method);
// Prepare new set of credentials for given provider.
credentials_connection cred_method(*this, cfg);
cred_method.m_id = cfg_prov->m_id;
credentials_ttls *_cred_method = (credentials_ttls*)cfg_method->make_credentials();
cred_method.m_cred.reset(_cred_method);
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
bool is_own = cred_in.m_cred && _wcsicmp(cred_in.m_id.c_str(), cfg_prov->m_id.c_str()) == 0;
#endif
// Combine outer credentials.
LPCTSTR target_name = (dwFlags & EAP_FLAG_GUEST_ACCESS) == 0 ? cfg_prov->m_id.c_str() : NULL;
eap::credentials::source_t src_outer = _cred_method->credentials_tls::combine(
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
is_own ? cred_in.m_cred.get() : NULL,
#else
NULL,
#endif
*cfg_method,
target_name);
// Combine inner credentials.
eap::credentials::source_t src_inner = _cred_method->m_inner->combine(
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
is_own ? ((credentials_ttls*)cred_in.m_cred.get())->m_inner.get() : NULL,
#else
NULL,
#endif
*cfg_method->m_inner,
target_name);
if (dwFlags & EAP_FLAG_GUEST_ACCESS) {
// Disable credential saving for guests.
cfg_method->m_allow_save = false;
cfg_method->m_inner->m_allow_save = false;
}
// Create method credentials panel.
wxTTLSCredentialsPanel *panel = new wxTTLSCredentialsPanel(*cfg_prov, *cfg_method, *_cred_method, cfg_prov->m_id.c_str(), dlg.m_providers);
// Set "Remember" checkboxes according to credential source,
panel->m_outer_cred->SetRemember(src_outer == eap::credentials::source_storage);
panel->m_inner_cred->SetRemember(src_inner == eap::credentials::source_storage);
// Add panel to choice-book. Select the first one to have known sources.
if (!combined && src_outer != eap::credentials::source_unknown && src_inner != eap::credentials::source_unknown) {
if (dlg.m_providers->AddPage(panel, wxEAPGetProviderName(cfg_prov->m_name), true)) {
cred_method_store.push_back(pair<config_method_ttls*, credentials_connection>(cfg_method, std::move(cred_method)));
combined = true;
}
} else
if (dlg.m_providers->AddPage(panel, wxEAPGetProviderName(cfg_prov->m_name), false))
cred_method_store.push_back(pair<config_method_ttls*, credentials_connection>(cfg_method, std::move(cred_method)));
}
if (panel_inner_cred_pap && panel_inner_cred_pap->GetRememberValue()) {
try {
cred_out.m_inner->store(cfg_prov.m_id.c_str());
} catch (winstd::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error writing credentials to Credential Manager: %hs (error %u)"), err.what(), err.number()).c_str());
} catch (...) {
wxLogError(_("Writing credentials failed."));
}
// Update dialog layout.
dlg.Layout();
dlg.GetSizer()->Fit(&dlg);
// Centre and display dialog.
dlg.Centre(wxBOTH);
result = dlg.ShowModal();
if (result == wxID_OK) {
int idx_prov = dlg.m_providers->GetSelection();
if (idx_prov != wxNOT_FOUND) {
wxTTLSCredentialsPanel *panel = dynamic_cast<wxTTLSCredentialsPanel*>(dlg.m_providers->GetPage(idx_prov));
pair<config_method_ttls*, credentials_connection> &res = cred_method_store[idx_prov];
cfg_method = res.first;
cred_out = res.second;
credentials_ttls *_cred_out = dynamic_cast<credentials_ttls*>(cred_out.m_cred.get());
// Write credentials to credential manager.
if (panel->m_outer_cred->GetRemember()) {
try {
_cred_out->credentials_tls::store(cred_out.m_id.c_str());
} catch (winstd::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error writing credentials to Credential Manager: %hs (error %u)"), err.what(), err.number()).c_str());
} catch (...) {
wxLogError(_("Writing credentials failed."));
}
}
if (panel->m_inner_cred->GetRemember()) {
try {
_cred_out->m_inner->store(cred_out.m_id.c_str());
} catch (winstd::win_runtime_error &err) {
wxLogError(winstd::tstring_printf(_("Error writing credentials to Credential Manager: %hs (error %u)"), err.what(), err.number()).c_str());
} catch (...) {
wxLogError(_("Writing credentials failed."));
}
}
} else
result = wxID_CANCEL;
}
wxTopLevelWindows.DeleteObject(&parent);
parent.SetHWND((WXHWND)NULL);
}
wxTopLevelWindows.DeleteObject(&parent);
parent.SetHWND((WXHWND)NULL);
}
// Clean-up and return.
wxEntryCleanup();
if (result != wxID_OK)
throw win_runtime_error(ERROR_CANCELLED, __FUNCTION__ " Cancelled.");
// Build our identity. ;)
wstring identity(move(cfg_method->get_public_identity(cred_out)));
wstring identity(std::move(cfg_method->get_public_identity((const credentials_ttls&)*cred_out.m_cred)));
log_event(&EAPMETHOD_TRACE_EVT_CRED_OUTER_ID1, event_data((unsigned int)eap_type_ttls), event_data(identity), event_data::blank);
size_t size = sizeof(WCHAR)*(identity.length() + 1);
*ppwszIdentity = (WCHAR*)alloc_memory(size);
@@ -281,3 +323,36 @@ void eap::peer_ttls_ui::invoke_interactive_ui(
InitCommonControls();
MessageBox(hwndParent, _T(PRODUCT_NAME_STR) _T(" interactive UI goes here!"), _T(PRODUCT_NAME_STR) _T(" Prompt"), MB_OK);
}
//////////////////////////////////////////////////////////////////////
// wxInitializerPeer
//////////////////////////////////////////////////////////////////////
wxInitializerPeer::wxInitializerPeer(_In_ HINSTANCE instance)
{
wxCriticalSectionLocker locker(s_lock);
if (s_init_ref_count++)
return;
// Initialize application.
new wxApp();
wxEntryStart(instance);
// Do our wxWidgets configuration and localization initialization.
wxInitializeConfig();
if (wxInitializeLocale(m_locale)) {
//m_locale.AddCatalog(wxT("wxExtend") wxT(wxExtendVersion));
m_locale.AddCatalog(wxT("EAPTTLSUI"));
}
}
wxInitializerPeer::~wxInitializerPeer()
{
wxCriticalSectionLocker locker(s_lock);
if (--s_init_ref_count)
return;
wxEntryCleanup();
}

1
lib/TTLS_UI/src/StdAfx.h
View File

@@ -28,3 +28,4 @@
#include "../../PAP_UI/include/PAP_UI.h"
#include <wx/app.h>
#include <wx/thread.h>

18
lib/TTLS_UI/src/TTLS_UI.cpp
View File

@@ -71,10 +71,8 @@ bool wxTTLSConfigPanel::TransferDataFromWindow()
}
void wxTTLSConfigPanel::OnUpdateUI(wxUpdateUIEvent& event)
void wxTTLSConfigPanel::OnUpdateUI(wxUpdateUIEvent& /*event*/)
{
UNREFERENCED_PARAMETER(event);
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_outer_identity_same ->Enable(false);
@@ -95,7 +93,7 @@ void wxTTLSConfigPanel::OnUpdateUI(wxUpdateUIEvent& event)
// wxTTLSConfigWindow
//////////////////////////////////////////////////////////////////////
wxTTLSConfigWindow::wxTTLSConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, LPCTSTR pszCredTarget, wxWindow* parent) :
wxTTLSConfigWindow::wxTTLSConfigWindow(eap::config_provider &prov, eap::config_method &cfg, LPCTSTR pszCredTarget, wxWindow* parent) :
m_cfg((eap::config_method_ttls&)cfg),
m_cfg_pap(cfg.m_module),
wxEAPConfigWindow(prov, cfg, parent)
@@ -143,6 +141,14 @@ wxTTLSConfigWindow::wxTTLSConfigWindow(const eap::config_provider &prov, eap::co
// m_inner_type->SetFocusFromKbd(); // This control steals mouse-wheel scrolling for itself
panel_pap->SetFocusFromKbd();
this->Connect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(wxTTLSConfigWindow::OnUpdateUI));
}
wxTTLSConfigWindow::~wxTTLSConfigWindow()
{
this->Disconnect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(wxTTLSConfigWindow::OnUpdateUI));
}
@@ -193,10 +199,8 @@ void wxTTLSConfigWindow::OnInitDialog(wxInitDialogEvent& event)
}
void wxTTLSConfigWindow::OnUpdateUI(wxUpdateUIEvent& event)
void wxTTLSConfigWindow::OnUpdateUI(wxUpdateUIEvent& /*event*/)
{
wxEAPConfigWindow::OnUpdateUI(event);
m_inner_type->GetChoiceCtrl()->Enable(!m_prov.m_read_only);
}

2
lib/WinStd

Submodule lib/WinStd updated: 92f010b206...b76203f95e

1
output/Setup/.gitignore vendored
View File

@@ -1,3 +1,4 @@
/GEANTLink*.msi
/CredWrite.exe
/MsiUseFeature.exe
/WLANManager.exe

2
output/locale/.gitignore vendored
View File

@@ -1 +1,3 @@
*/EAPTTLSUI.mo
*/EventMonitor.mo
*/wxExtend13.mo