Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Compare commits

base: Amebis:1.0-alpha4
Branches Tags
Amebis:master Amebis:ver1.0 Amebis:ver1.1
Amebis:1.3g Amebis:1.3f Amebis:1.3e Amebis:1.3d Amebis:1.3c Amebis:1.3b Amebis:1.3a Amebis:1.3 Amebis:1.2g Amebis:1.2f Amebis:1.1h Amebis:1.0i Amebis:1.2e Amebis:1.1g Amebis:1.0h Amebis:1.2d Amebis:1.1f Amebis:1.0g Amebis:1.2c Amebis:1.1e Amebis:1.0f Amebis:1.2b Amebis:1.1d Amebis:1.0e Amebis:1.2a Amebis:1.1c Amebis:1.0d Amebis:1.2 Amebis:1.1b Amebis:1.0c Amebis:1.2-beta2 Amebis:1.2-beta1 Amebis:1.2-beta Amebis:1.1a Amebis:1.0b Amebis:1.1 Amebis:1.1-beta2 Amebis:1.1-beta1 Amebis:1.0a Amebis:1.1-beta Amebis:1.0 Amebis:1.0-beta8 Amebis:1.0-beta7 Amebis:1.0-beta6 Amebis:1.0-beta5 Amebis:1.0-beta4 Amebis:1.0-beta3 Amebis:1.0-beta2 Amebis:1.0-beta1 Amebis:1.0-beta Amebis:1.0-alpha17 Amebis:1.0-alpha16 Amebis:1.0-alpha15 Amebis:1.0-alpha14 Amebis:1.0-alpha13 Amebis:1.0-alpha12 Amebis:1.0-alpha11 Amebis:1.0-alpha10 Amebis:1.0-alpha10-owntls Amebis:1.0-alpha9 Amebis:1.0-alpha8 Amebis:1.0-alpha7 Amebis:1.0-alpha6 Amebis:1.0-alpha5 Amebis:1.0-alpha4 Amebis:1.0-alpha3 Amebis:1.0-alpha2 Amebis:1.0-alpha1 Amebis:1.0-alpha0
...
compare: Amebis:1.0-alpha5
Branches Tags
Amebis:master Amebis:ver1.0 Amebis:ver1.1
Amebis:1.3g Amebis:1.3f Amebis:1.3e Amebis:1.3d Amebis:1.3c Amebis:1.3b Amebis:1.3a Amebis:1.3 Amebis:1.2g Amebis:1.2f Amebis:1.1h Amebis:1.0i Amebis:1.2e Amebis:1.1g Amebis:1.0h Amebis:1.2d Amebis:1.1f Amebis:1.0g Amebis:1.2c Amebis:1.1e Amebis:1.0f Amebis:1.2b Amebis:1.1d Amebis:1.0e Amebis:1.2a Amebis:1.1c Amebis:1.0d Amebis:1.2 Amebis:1.1b Amebis:1.0c Amebis:1.2-beta2 Amebis:1.2-beta1 Amebis:1.2-beta Amebis:1.1a Amebis:1.0b Amebis:1.1 Amebis:1.1-beta2 Amebis:1.1-beta1 Amebis:1.0a Amebis:1.1-beta Amebis:1.0 Amebis:1.0-beta8 Amebis:1.0-beta7 Amebis:1.0-beta6 Amebis:1.0-beta5 Amebis:1.0-beta4 Amebis:1.0-beta3 Amebis:1.0-beta2 Amebis:1.0-beta1 Amebis:1.0-beta Amebis:1.0-alpha17 Amebis:1.0-alpha16 Amebis:1.0-alpha15 Amebis:1.0-alpha14 Amebis:1.0-alpha13 Amebis:1.0-alpha12 Amebis:1.0-alpha11 Amebis:1.0-alpha10 Amebis:1.0-alpha10-owntls Amebis:1.0-alpha9 Amebis:1.0-alpha8 Amebis:1.0-alpha7 Amebis:1.0-alpha6 Amebis:1.0-alpha5 Amebis:1.0-alpha4 Amebis:1.0-alpha3 Amebis:1.0-alpha2 Amebis:1.0-alpha1 Amebis:1.0-alpha0

25 Commits
1.0-alpha4 ... 1.0-alpha5

Author SHA1 Message Date
Simon Rozman
d792520f51 Version set to 1.0-alpha5 
(closes #2)
 2016-06-23 17:19:47 +02:00
Simon Rozman
9f4c4514cb EAPHost trace added 2016-06-23 17:16:52 +02:00
Simon Rozman
de94d27380 EventMonitor added to MSI 2016-06-23 17:16:24 +02:00
Simon Rozman
ded87eb18c EventMonitor requires elevation now 2016-06-23 17:16:03 +02:00
Simon Rozman
0639169d9a EventMonitor utility is operational now 2016-06-23 15:46:58 +02:00
Simon Rozman
fa141fc525 Correct event is reported for DWORD-returning functions now 2016-06-23 15:46:12 +02:00
Simon Rozman
1fc77fc63d EAP method type is now a map 2016-06-23 15:44:57 +02:00
Simon Rozman
d15b7066cd RSA encryption replaced with RSA session key exchange and AES data encryption; BLOBs are encrypted again 2016-06-23 00:47:38 +02:00
Simon Rozman
922d0ac3d0 Additional RSA credential encryption replaced with product-specific entropy in user-specific encryption pass, to circumvent RSA data length limitation 2016-06-22 23:32:28 +02:00
Simon Rozman
f3cb90d1c3 EventMonitor development continues... 2016-06-22 18:03:47 +02:00
Simon Rozman
a7e0e5ebd8 MSIBUILD_PRODUCT_NAME check added 2016-06-22 18:02:42 +02:00
Simon Rozman
3238881af8 Event provider registration added 2016-06-22 18:02:20 +02:00
Simon Rozman
9d0d3418b0 Sub-module update 2016-06-22 18:01:52 +02:00
Simon Rozman
81a268df1b Sub-module update 2016-06-22 17:59:43 +02:00
Simon Rozman
d1a4487503 BLOB encryption temporary disabled, as RSA can not encrypt data this long 2016-06-22 17:59:26 +02:00
Simon Rozman
24008000a9 Merge branch 'master' of https://github.com/Amebis/GEANTLink 2016-06-22 09:18:41 +02:00
Simon Rozman
bdd3fc616c EAP BLOBs are encrypted now 2016-06-22 09:18:27 +02:00
Simon Rozman
e31fc08a64 EventMonitor utility introduced 2016-06-22 06:28:21 +02:00
Simon Rozman
a2ca2fd850 Logging and error reporting simplified 2016-06-21 13:15:50 +02:00
Simon Rozman
e98856f934 Support for provider contact info added 2016-06-21 10:46:05 +02:00
Simon Rozman
b634956901 Credentials dialog banner title now dynamic 2016-06-21 09:18:17 +02:00
Simon Rozman
0c8492ccd1 CredProtect() replaced with CryptProtectData() << the former didn't work between normal and UAC-elevated processes: stored credentials are no longer valid and should be reentered 2016-06-20 16:37:48 +02:00
Simon Rozman
768e0a5a36 Previously unused templates fixed 2016-06-20 16:24:58 +02:00
Simon Rozman
ac23d5f04f Custom credential prompt labels are honored now (for password-based methods) 2016-06-20 15:14:48 +02:00
Simon Rozman
e52b9a636f Support for read-only configurations added 2016-06-20 14:51:21 +02:00
65 changed files with 3331 additions and 1613 deletions
Expand all files Collapse all files

BIN
CredWrite/CredWrite.rc
View File

Binary file not shown.

BIN
EAPMethods/MSIBuild/Makefile
View File

Binary file not shown.

544
EAPMethods/src/Main.cpp
View File

@@ -20,6 +20,9 @@
#include <StdAfx.h>
using namespace std;
using namespace winstd;
#if EAPMETHOD_TYPE==21
#define _EAPMETHOD_PEER eap::peer_ttls
@@ -59,6 +62,8 @@ BOOL WINAPI DllMain(_In_ HINSTANCE hinstDLL, _In_ DWORD fdwReason, _In_ LPVOID l
///
VOID WINAPI EapPeerFreeMemory(_In_ void *pUIContextData)
{
event_fn_auto event_auto(g_peer.get_event_fn_auto(__FUNCTION__));
if (pUIContextData)
g_peer.free_memory((BYTE*)pUIContextData);
}
@@ -71,6 +76,8 @@ VOID WINAPI EapPeerFreeMemory(_In_ void *pUIContextData)
///
VOID WINAPI EapPeerFreeErrorMemory(_In_ EAP_ERROR *ppEapError)
{
event_fn_auto event_auto(g_peer.get_event_fn_auto(__FUNCTION__));
if (ppEapError)
g_peer.free_error_memory(ppEapError);
}
@@ -84,19 +91,23 @@ VOID WINAPI EapPeerFreeErrorMemory(_In_ EAP_ERROR *ppEapError)
DWORD WINAPI EapPeerGetInfo(_In_ EAP_TYPE* pEapType, _Out_ EAP_PEER_METHOD_ROUTINES* pEapPeerMethodRoutines, _Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!pEapType)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapType is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!pEapType)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapType is NULL.")));
else if (pEapType->type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)pEapType->type, (int)EAPMETHOD_TYPE).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)pEapType->type, (int)EAPMETHOD_TYPE).c_str()));
else if (!pEapPeerMethodRoutines)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapPeerMethodRoutines is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapPeerMethodRoutines is NULL.")));
else {
pEapPeerMethodRoutines->dwVersion = PRODUCT_VERSION;
pEapPeerMethodRoutines->pEapType = NULL;
@@ -128,15 +139,24 @@ DWORD WINAPI EapPeerGetInfo(_In_ EAP_TYPE* pEapType, _Out_ EAP_PEER_METHOD_ROUTI
DWORD APIENTRY EapPeerInitialize(_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else
dwResult = g_peer.initialize(ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!g_peer.initialize(ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
return dwResult;
}
@@ -150,15 +170,24 @@ DWORD APIENTRY EapPeerInitialize(_Out_ EAP_ERROR **ppEapError)
DWORD APIENTRY EapPeerShutdown(_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else
dwResult = g_peer.shutdown(ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!g_peer.shutdown(ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
return dwResult;
}
@@ -183,38 +212,44 @@ DWORD APIENTRY EapPeerGetIdentity(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!pConnectionData && dwConnectionDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pConnectionData is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!pConnectionData && dwConnectionDataSize)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionData is NULL.")));
else if (!pUserData && dwUserDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pUserData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUserData is NULL.")));
else if (!pfInvokeUI)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pfInvokeUI is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pfInvokeUI is NULL.")));
else if (!pdwUserDataOutSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwUserDataOutSize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwUserDataOutSize is NULL.")));
else if (!ppUserDataOut)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppUserDataOut is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUserDataOut is NULL.")));
else if (!ppwszIdentity)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppwszIdentity is NULL."), NULL);
else
dwResult = g_peer.get_identity(
dwFlags,
dwConnectionDataSize,
pConnectionData,
dwUserDataSize,
pUserData,
hTokenImpersonateUser,
pfInvokeUI,
pdwUserDataOutSize,
ppUserDataOut,
ppwszIdentity,
ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppwszIdentity is NULL.")));
else {
_EAPMETHOD_PEER::config_type cfg(g_peer);
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!g_peer.unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.get_identity(dwFlags, cfg, usr, hTokenImpersonateUser, pfInvokeUI, ppwszIdentity, ppEapError) ||
!g_peer.pack(usr, ppUserDataOut, pdwUserDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -238,30 +273,44 @@ DWORD APIENTRY EapPeerBeginSession(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!pConnectionData && dwConnectionDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pConnectionData is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!pConnectionData && dwConnectionDataSize)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionData is NULL.")));
else if (!pUserData && dwUserDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pUserData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUserData is NULL.")));
else if (!phSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" phSession is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" phSession is NULL.")));
else {
*phSession = NULL;
// Allocate new session.
std::unique_ptr<_EAPMETHOD_SESSION> session(new _EAPMETHOD_SESSION(g_peer));
if (!session)
return dwResult = ERROR_OUTOFMEMORY;
unique_ptr<_EAPMETHOD_SESSION> session(new _EAPMETHOD_SESSION(g_peer));
if (!session) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, _T(" Error allocating memory for EAP session.")));
return dwResult;
}
// Begin the session.
if (!session->begin(dwFlags, pAttributeArray, hTokenImpersonateUser, dwConnectionDataSize, pConnectionData, dwUserDataSize, pUserData, dwMaxSendPacketSize, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
if (!g_peer.unpack(session->m_cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(session->m_id, pUserData, dwUserDataSize, ppEapError) ||
!session->begin(dwFlags, pAttributeArray, hTokenImpersonateUser, dwMaxSendPacketSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
*phSession = session.release();
}
@@ -278,15 +327,19 @@ DWORD APIENTRY EapPeerBeginSession(
DWORD APIENTRY EapPeerEndSession(_In_ EAP_SESSION_HANDLE hSession, _Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!hSession)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" hSession is NULL.")));
else {
static_cast<_EAPMETHOD_SESSION*>(hSession)->end(ppEapError);
delete static_cast<_EAPMETHOD_SESSION*>(hSession);
@@ -309,21 +362,32 @@ DWORD APIENTRY EapPeerProcessRequestPacket(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!hSession)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" hSession is NULL.")));
else if (!pReceivedPacket && dwReceivedPacketSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pReceivedPacket is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pReceivedPacket is NULL.")));
else if (!pEapOutput)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapOutput is NULL."), NULL);
else
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->process_request_packet(dwReceivedPacketSize, pReceivedPacket, pEapOutput, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapOutput is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->process_request_packet(dwReceivedPacketSize, pReceivedPacket, pEapOutput, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -341,21 +405,32 @@ DWORD APIENTRY EapPeerGetResponsePacket(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!hSession)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" hSession is NULL.")));
else if (!pdwSendPacketSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwSendPacketSize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwSendPacketSize is NULL.")));
else if (!pSendPacket && *pdwSendPacketSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pSendPacket is NULL."), NULL);
else
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->get_response_packet(pdwSendPacketSize, pSendPacket, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pSendPacket is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_response_packet(pdwSendPacketSize, pSendPacket, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -369,19 +444,30 @@ DWORD APIENTRY EapPeerGetResponsePacket(
DWORD APIENTRY EapPeerGetResult(_In_ EAP_SESSION_HANDLE hSession, _In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!hSession)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" hSession is NULL.")));
else if (!ppResult)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppResult is NULL."), NULL);
else
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->get_result(reason, ppResult, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppResult is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_result(reason, ppResult, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -401,21 +487,35 @@ DWORD APIENTRY EapPeerGetUIContext(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!hSession)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" hSession is NULL.")));
else if (!pdwUIContextDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwUIContextDataSize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwUIContextDataSize is NULL.")));
else if (!ppUIContextData)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppUIContextData is NULL."), NULL);
else
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(pdwUIContextDataSize, ppUIContextData, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUIContextData is NULL.")));
else {
_EAPMETHOD_SESSION::interactive_request_type req;
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_ui_context(req, ppEapError) ||
!g_peer.pack(req, ppUIContextData, pdwUIContextDataSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -436,21 +536,35 @@ DWORD APIENTRY EapPeerSetUIContext(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!hSession)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" hSession is NULL.")));
else if (!pUIContextData && dwUIContextDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pUIContextData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUIContextData is NULL.")));
else if (!pEapOutput)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapOutput is NULL."), NULL);
else
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(dwUIContextDataSize, pUIContextData, pEapOutput, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapOutput is NULL.")));
else {
_EAPMETHOD_SESSION::interactive_response_type res;
if (!g_peer.unpack(res, pUIContextData, dwUIContextDataSize, ppEapError) ||
!static_cast<_EAPMETHOD_SESSION*>(hSession)->set_ui_context(res, pEapOutput, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -464,19 +578,30 @@ DWORD APIENTRY EapPeerSetUIContext(
DWORD APIENTRY EapPeerGetResponseAttributes(_In_ EAP_SESSION_HANDLE hSession, _Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!hSession)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" hSession is NULL.")));
else if (!pAttribs)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pAttribs is NULL."), NULL);
else
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->get_response_attributes(pAttribs, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pAttribs is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->get_response_attributes(pAttribs, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -490,19 +615,30 @@ DWORD APIENTRY EapPeerGetResponseAttributes(_In_ EAP_SESSION_HANDLE hSession, _O
DWORD APIENTRY EapPeerSetResponseAttributes(_In_ EAP_SESSION_HANDLE hSession, _In_ /*const*/ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!hSession)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" hSession is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!hSession)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" hSession is NULL.")));
else if (!pEapOutput)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapOutput is NULL."), NULL);
else
dwResult = static_cast<_EAPMETHOD_SESSION*>(hSession)->set_response_attributes(pAttribs, pEapOutput, ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapOutput is NULL.")));
else {
if (!static_cast<_EAPMETHOD_SESSION*>(hSession)->set_response_attributes(pAttribs, pEapOutput, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -526,34 +662,48 @@ DWORD WINAPI EapPeerGetMethodProperties(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (eapMethodType.dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str()));
else if (!pEapConnData && dwEapConnDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapConnData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConnData is NULL.")));
else if (!pUserData && dwUserDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pUserData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUserData is NULL.")));
else if (!pMethodPropertyArray)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pMethodPropertyArray is NULL."), NULL);
else
dwResult = g_peer.get_method_properties(
dwVersion,
dwFlags,
hUserImpersonationToken,
dwEapConnDataSize,
pEapConnData,
dwUserDataSize,
pUserData,
pMethodPropertyArray,
ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pMethodPropertyArray is NULL.")));
else {
_EAPMETHOD_PEER::config_type cfg(g_peer);
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!g_peer.unpack(cfg, pEapConnData, dwEapConnDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.get_method_properties(
dwVersion,
dwFlags,
hUserImpersonationToken,
cfg,
usr,
pMethodPropertyArray,
ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -575,57 +725,53 @@ DWORD WINAPI EapPeerCredentialsXml2Blob(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (eapMethodType.dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str()));
else if (!pCredentialsDoc)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pCredentialsDoc is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pCredentialsDoc is NULL.")));
else if (!pConfigIn && dwConfigInSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pConfigIn is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConfigIn is NULL.")));
else if (!ppCredentialsOut)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppCredentialsOut is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppCredentialsOut is NULL.")));
else if (!pdwCredentialsOutSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwCredentialsOutSize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwCredentialsOutSize is NULL.")));
else {
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(pConfigIn);
UNREFERENCED_PARAMETER(dwConfigInSize);
// <Credentials>
winstd::com_obj<IXMLDOMNode> pXmlElCredentials;
if ((dwResult = eapxml::select_node(pCredentialsDoc, winstd::bstr(L"//EapHostUserCredentials/Credentials"), &pXmlElCredentials)) != ERROR_SUCCESS) {
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <EapHostUserCredentials><Credentials> element."), NULL);
com_obj<IXMLDOMNode> pXmlElCredentials;
if ((dwResult = eapxml::select_node(pCredentialsDoc, bstr(L"//EapHostUserCredentials/Credentials"), &pXmlElCredentials)) != ERROR_SUCCESS) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <EapHostUserCredentials><Credentials> element."), _T("Please make sure credential XML is a valid ") _T(PRODUCT_NAME_STR) _T(" credential XML document.")));
return dwResult;
}
// Load credentials.
pCredentialsDoc->setProperty(winstd::bstr(L"SelectionNamespaces"), winstd::variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER::identity_type cred(g_peer);
if (!cred.load(pXmlElCredentials, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for credentials.
assert(ppCredentialsOut);
assert(pdwCredentialsOutSize);
*pdwCredentialsOutSize = (DWORD)eapserial::get_pk_size(cred);
*ppCredentialsOut = g_peer.alloc_memory(*pdwCredentialsOutSize);
if (!*ppCredentialsOut) {
*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, 0, NULL, NULL, NULL, winstd::tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwCredentialsOutSize).c_str(), NULL);
return dwResult;
pCredentialsDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER::identity_type usr(g_peer);
if (!usr.load(pXmlElCredentials, ppEapError) ||
!g_peer.pack(usr, ppCredentialsOut, pdwCredentialsOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Pack BLOB to output.
unsigned char *cursor = *ppCredentialsOut;
eapserial::pack(cursor, cred);
assert(cursor - *ppCredentialsOut <= (ptrdiff_t)*pdwCredentialsOutSize);
}
return dwResult;
@@ -647,29 +793,41 @@ DWORD WINAPI EapPeerQueryCredentialInputFields(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (eapMethodType.dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str()));
else if (!pEapConnData && dwEapConnDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapConnData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConnData is NULL.")));
else if (!pEapConfigInputFieldsArray)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapConfigInputFieldsArray is NULL."), NULL);
else
dwResult = g_peer.query_credential_input_fields(
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConfigInputFieldsArray is NULL.")));
else {
if (!g_peer.query_credential_input_fields(
hUserImpersonationToken,
dwFlags,
dwEapConnDataSize,
pEapConnData,
pEapConfigInputFieldsArray,
ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -692,27 +850,31 @@ DWORD WINAPI EapPeerQueryUserBlobFromCredentialInputFields(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (eapMethodType.dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str()));
else if (!pEapConnData && dwEapConnDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapConnData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConnData is NULL.")));
else if (!pEapConfigInputFieldArray)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapConfigInputFieldArray is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConfigInputFieldArray is NULL.")));
else if (!pdwUsersBlobSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwUsersBlobSize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwUsersBlobSize is NULL.")));
else if (!ppUserBlob)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppUserBlob is NULL."), NULL);
else
dwResult = g_peer.query_user_blob_from_credential_input_fields(
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUserBlob is NULL.")));
else {
if (!g_peer.query_user_blob_from_credential_input_fields(
hUserImpersonationToken,
dwFlags,
dwEapConnDataSize,
@@ -720,7 +882,15 @@ DWORD WINAPI EapPeerQueryUserBlobFromCredentialInputFields(
pEapConfigInputFieldArray,
pdwUsersBlobSize,
ppUserBlob,
ppEapError) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -741,28 +911,40 @@ DWORD WINAPI EapPeerQueryInteractiveUIInputFields(
_Inout_ LPVOID *pvReserved)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!pUIContextData && dwUIContextDataSize)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUIContextData is NULL.")));
else if (!pUIContextData && dwUIContextDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pUIContextData is NULL."), NULL);
else if (!pUIContextData && dwUIContextDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pUIContextData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUIContextData is NULL.")));
else if (!pEapInteractiveUIData)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapInteractiveUIData is NULL."), NULL);
else
dwResult = g_peer.query_interactive_ui_input_fields(
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapInteractiveUIData is NULL.")));
else {
if (!g_peer.query_interactive_ui_input_fields(
dwVersion,
dwFlags,
dwUIContextDataSize,
pUIContextData,
pEapInteractiveUIData,
ppEapError,
pvReserved) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
pvReserved))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}
@@ -785,23 +967,27 @@ DWORD WINAPI EapPeerQueryUIBlobFromInteractiveUIInputFields(
_Inout_ LPVOID *ppvReserved)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!pUIContextData && dwUIContextDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapConfigInputFieldArray is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!pUIContextData && dwUIContextDataSize)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapConfigInputFieldArray is NULL.")));
else if (!pEapInteractiveUIData)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapInteractiveUIData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapInteractiveUIData is NULL.")));
else if (!pdwDataFromInteractiveUISize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwDataFromInteractiveUISize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwDataFromInteractiveUISize is NULL.")));
else if (!ppDataFromInteractiveUI)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppDataFromInteractiveUI is NULL."), NULL);
else
dwResult = g_peer.query_ui_blob_from_interactive_ui_input_fields(
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppDataFromInteractiveUI is NULL.")));
else {
if (!g_peer.query_ui_blob_from_interactive_ui_input_fields(
dwVersion,
dwFlags,
dwUIContextDataSize,
@@ -810,7 +996,15 @@ DWORD WINAPI EapPeerQueryUIBlobFromInteractiveUIInputFields(
pdwDataFromInteractiveUISize,
ppDataFromInteractiveUI,
ppEapError,
ppvReserved) ? ERROR_SUCCESS : *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
ppvReserved))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
dwResult = (*ppEapError)->dwWinError;
} else
dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
}

292
EAPMethods/src/Main_UI.cpp
View File

@@ -22,6 +22,9 @@
#pragma comment(lib, "msxml6.lib")
using namespace std;
using namespace winstd;
#if EAPMETHOD_TYPE==21
#define _EAPMETHOD_PEER_UI eap::peer_ttls_ui
@@ -70,6 +73,8 @@ BOOL WINAPI DllMain(_In_ HINSTANCE hinstDLL, _In_ DWORD fdwReason, _In_ LPVOID l
///
VOID WINAPI EapPeerFreeMemory(_In_ void *pUIContextData)
{
event_fn_auto event_auto(g_peer.get_event_fn_auto(__FUNCTION__));
if (pUIContextData)
g_peer.free_memory((BYTE*)pUIContextData);
}
@@ -82,6 +87,8 @@ VOID WINAPI EapPeerFreeMemory(_In_ void *pUIContextData)
///
VOID WINAPI EapPeerFreeErrorMemory(_In_ EAP_ERROR *ppEapError)
{
event_fn_auto event_auto(g_peer.get_event_fn_auto(__FUNCTION__));
if (ppEapError)
g_peer.free_error_memory(ppEapError);
}
@@ -101,52 +108,50 @@ DWORD WINAPI EapPeerConfigXml2Blob(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (eapMethodType.dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str()));
else if (!pConfigDoc)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pConfigDoc is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConfigDoc is NULL.")));
else if (!ppConfigOut)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppConfigOut is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppConfigOut is NULL.")));
else if (!pdwConfigOutSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwConfigOutSize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwConfigOutSize is NULL.")));
else {
UNREFERENCED_PARAMETER(dwFlags);
// <Config>
pConfigDoc->setProperty(winstd::bstr(L"SelectionNamespaces"), winstd::variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\""));
winstd::com_obj<IXMLDOMElement> pXmlElConfig;
if ((dwResult = eapxml::select_element(pConfigDoc, winstd::bstr(L"//eaphostconfig:Config"), &pXmlElConfig)) != ERROR_SUCCESS)
return dwResult;
// Load configuration.
pConfigDoc->setProperty(winstd::bstr(L"SelectionNamespaces"), winstd::variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (!cfg.load(pXmlElConfig, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for configuration.
assert(ppConfigOut);
assert(pdwConfigOutSize);
*pdwConfigOutSize = (DWORD)eapserial::get_pk_size(cfg);
*ppConfigOut = g_peer.alloc_memory(*pdwConfigOutSize);
if (!*ppConfigOut) {
*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, 0, NULL, NULL, NULL, winstd::tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwConfigOutSize).c_str(), NULL);
pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\""));
com_obj<IXMLDOMElement> pXmlElConfig;
if ((dwResult = eapxml::select_element(pConfigDoc, bstr(L"//eaphostconfig:Config"), &pXmlElConfig)) != ERROR_SUCCESS) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult, _T(__FUNCTION__) _T(" Error reading <Config> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document.")));
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppConfigOut;
eapserial::pack(cursor, cfg);
assert(cursor - *ppConfigOut <= (ptrdiff_t)*pdwConfigOutSize);
// Load configuration.
pConfigDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (!cfg.load(pXmlElConfig, ppEapError) ||
!g_peer.pack(cfg, ppConfigOut, pdwConfigOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
}
return dwResult;
@@ -169,37 +174,43 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (eapMethodType.eapType.type != EAPMETHOD_TYPE)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)eapMethodType.eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (eapMethodType.dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)eapMethodType.dwAuthorId, (int)67532).c_str()));
else if (!pConfigIn && dwConfigInSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pConfigIn is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConfigIn is NULL.")));
else if (!ppConfigDoc)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppConfigDoc is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppConfigDoc is NULL.")));
else {
UNREFERENCED_PARAMETER(dwFlags);
HRESULT hr;
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConfigIn || !dwConfigInSize) {
const unsigned char *cursor = pConfigIn;
eapserial::unpack(cursor, cfg);
assert(cursor - pConfigIn <= (ptrdiff_t)dwConfigInSize);
if (!g_peer.unpack(cfg, pConfigIn, dwConfigInSize, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Create configuration XML document.
winstd::com_obj<IXMLDOMDocument2> pDoc;
com_obj<IXMLDOMDocument2> pDoc;
if (FAILED(hr = pDoc.create(CLSID_DOMDocument60, NULL, CLSCTX_INPROC_SERVER))) {
*ppEapError = g_peer.make_error(dwResult = HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating XML document."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error creating XML document.")));
return dwResult;
}
@@ -207,25 +218,32 @@ DWORD WINAPI EapPeerConfigBlob2Xml(
// Load empty XML configuration.
VARIANT_BOOL isSuccess = VARIANT_FALSE;
if (FAILED((hr = pDoc->loadXML(L"<Config xmlns=\"http://www.microsoft.com/provisioning/EapHostConfig\"><EAPIdentityProviderList xmlns=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\"></EAPIdentityProviderList></Config>", &isSuccess))))
return dwResult = HRESULT_CODE(hr);
if (FAILED((hr = pDoc->loadXML(L"<Config xmlns=\"http://www.microsoft.com/provisioning/EapHostConfig\"><EAPIdentityProviderList xmlns=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\"></EAPIdentityProviderList></Config>", &isSuccess)))) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error loading XML document template.")));
return dwResult;
}
if (!isSuccess) {
*ppEapError = g_peer.make_error(dwResult = ERROR_XML_PARSE_ERROR, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Loading XML template failed."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_XML_PARSE_ERROR, _T(__FUNCTION__) _T(" Loading XML template failed.")));
return dwResult;
}
// Select <Config> node.
winstd::com_obj<IXMLDOMNode> pXmlElConfig;
pDoc->setProperty(winstd::bstr(L"SelectionNamespaces"), winstd::variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\""));
if ((dwResult = eapxml::select_node(pDoc, winstd::bstr(L"eaphostconfig:Config"), &pXmlElConfig)) != ERROR_SUCCESS) {
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <Config> element."), NULL);
com_obj<IXMLDOMNode> pXmlElConfig;
pDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eaphostconfig=\"http://www.microsoft.com/provisioning/EapHostConfig\""));
if ((dwResult = eapxml::select_node(pDoc, bstr(L"eaphostconfig:Config"), &pXmlElConfig)) != ERROR_SUCCESS) {
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <Config> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document.")));
return dwResult;
}
// Save all providers.
pDoc->setProperty(winstd::bstr(L"SelectionNamespaces"), winstd::variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
if (!cfg.save(pDoc, pXmlElConfig, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
pDoc->setProperty(bstr(L"SelectionNamespaces"), variant(L"xmlns:eap-metadata=\"urn:ietf:params:xml:ns:yang:ietf-eap-metadata\""));
if (!cfg.save(pDoc, pXmlElConfig, ppEapError)) {
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
*ppConfigDoc = pDoc.detach();
}
@@ -251,52 +269,42 @@ DWORD WINAPI EapPeerInvokeConfigUI(
{
UNREFERENCED_PARAMETER(dwFlags);
DWORD dwResult = ERROR_SUCCESS;
winstd::actctx_activator actctx(g_act_ctx);
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
actctx_activator actctx(g_act_ctx);
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!pEapType)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapType is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!pEapType)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapType is NULL.")));
else if (pEapType->eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)pEapType->eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)pEapType->eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (pEapType->dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)pEapType->dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)pEapType->dwAuthorId, (int)67532).c_str()));
else if (!pConnectionDataIn && dwConnectionDataInSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pConnectionDataIn is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionDataIn is NULL.")));
else if (!pdwConnectionDataOutSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwConnectionDataOutSize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwConnectionDataOutSize is NULL.")));
else if (!ppConnectionDataOut)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppConnectionDataOut is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppConnectionDataOut is NULL.")));
else {
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConnectionDataIn || !dwConnectionDataInSize) {
const unsigned char *cursor = pConnectionDataIn;
eapserial::unpack(cursor, cfg);
assert(cursor - pConnectionDataIn <= (ptrdiff_t)dwConnectionDataInSize);
if (!g_peer.unpack(cfg, pConnectionDataIn, dwConnectionDataInSize, ppEapError) ||
!g_peer.invoke_config_ui(hwndParent, cfg, ppEapError) ||
!g_peer.pack(cfg, ppConnectionDataOut, pdwConnectionDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
if (!g_peer.invoke_config_ui(hwndParent, cfg, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for configuration.
assert(ppConnectionDataOut);
assert(pdwConnectionDataOutSize);
*pdwConnectionDataOutSize = (DWORD)eapserial::get_pk_size(cfg);
*ppConnectionDataOut = g_peer.alloc_memory(*pdwConnectionDataOutSize);
if (!*ppConnectionDataOut) {
*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, 0, NULL, NULL, NULL, winstd::tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwConnectionDataOutSize).c_str(), NULL);
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppConnectionDataOut;
eapserial::pack(cursor, cfg);
assert(cursor - *ppConnectionDataOut <= (ptrdiff_t)*pdwConnectionDataOutSize);
}
return dwResult;
@@ -322,7 +330,8 @@ DWORD WINAPI EapPeerInvokeIdentityUI(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
winstd::actctx_activator actctx(g_act_ctx);
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
actctx_activator actctx(g_act_ctx);
#ifdef _DEBUG
//Sleep(10000);
#endif
@@ -330,56 +339,39 @@ DWORD WINAPI EapPeerInvokeIdentityUI(
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!pEapType)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapType is NULL."), NULL);
assert(!*ppEapError);
if (!pEapType)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapType is NULL.")));
else if (pEapType->eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)pEapType->eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)pEapType->eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (pEapType->dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)pEapType->dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)pEapType->dwAuthorId, (int)67532).c_str()));
else if (!pConnectionData && dwConnectionDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pConnectionData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pConnectionData is NULL.")));
else if (!pUserData && dwUserDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pUserData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUserData is NULL.")));
else if (!pdwUserDataOutSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwUserDataOutSize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwUserDataOutSize is NULL.")));
else if (!ppUserDataOut)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppUserDataOut is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppUserDataOut is NULL.")));
else if (!ppwszIdentity)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppwszIdentity is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppwszIdentity is NULL.")));
else {
// Unpack configuration.
_EAPMETHOD_PEER_UI::config_type cfg(g_peer);
if (pConnectionData || !dwConnectionDataSize) {
const unsigned char *cursor = pConnectionData;
eapserial::unpack(cursor, cfg);
assert(cursor - pConnectionData <= (ptrdiff_t)dwConnectionDataSize);
}
// Unpack configuration.
_EAPMETHOD_PEER_UI::identity_type usr(g_peer);
if (pUserData || !dwUserDataSize) {
const unsigned char *cursor = pUserData;
eapserial::unpack(cursor, usr);
assert(cursor - pUserData <= (ptrdiff_t)dwUserDataSize);
if (!g_peer.unpack(cfg, pConnectionData, dwConnectionDataSize, ppEapError) ||
!g_peer.unpack(usr, pUserData, dwUserDataSize, ppEapError) ||
!g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, usr, ppwszIdentity, ppEapError) ||
!g_peer.pack(usr, ppUserDataOut, pdwUserDataOutSize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
if (!g_peer.invoke_identity_ui(hwndParent, dwFlags, cfg, usr, ppwszIdentity, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for user data.
assert(ppUserDataOut);
assert(pdwUserDataOutSize);
*pdwUserDataOutSize = (DWORD)eapserial::get_pk_size(usr);
*ppUserDataOut = g_peer.alloc_memory(*pdwUserDataOutSize);
if (!*ppUserDataOut) {
*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, 0, NULL, NULL, NULL, winstd::tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for configuration BLOB (%uB)."), *pdwUserDataOutSize).c_str(), NULL);
return dwResult;
}
// Pack BLOB to output.
unsigned char *cursor = *ppUserDataOut;
eapserial::pack(cursor, usr);
assert(cursor - *ppUserDataOut <= (ptrdiff_t)*pdwUserDataOutSize);
}
return dwResult;
@@ -401,53 +393,43 @@ DWORD WINAPI EapPeerInvokeInteractiveUI(
_Out_ EAP_ERROR **ppEapError)
{
DWORD dwResult = ERROR_SUCCESS;
winstd::actctx_activator actctx(g_act_ctx);
event_fn_auto_ret<DWORD> event_auto(g_peer.get_event_fn_auto(__FUNCTION__, dwResult));
actctx_activator actctx(g_act_ctx);
#ifdef _DEBUG
//Sleep(10000);
#endif
// Parameter check
if (!ppEapError)
dwResult = ERROR_INVALID_PARAMETER;
else if (!pEapType)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pEapType is NULL."), NULL);
return dwResult = ERROR_INVALID_PARAMETER;
assert(!*ppEapError);
if (!pEapType)
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pEapType is NULL.")));
else if (pEapType->eapType.type != EAPMETHOD_TYPE)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)pEapType->eapType.type, (int)EAPMETHOD_TYPE).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" Input EAP type (%d) does not match the supported EAP type (%d)."), (int)pEapType->eapType.type, (int)EAPMETHOD_TYPE).c_str()));
else if (pEapType->dwAuthorId != 67532)
*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, winstd::wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)pEapType->dwAuthorId, (int)67532).c_str(), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_NOT_SUPPORTED, wstring_printf(_T(__FUNCTION__) _T(" EAP author (%d) does not match the supported author (%d)."), (int)pEapType->dwAuthorId, (int)67532).c_str()));
else if (!pUIContextData && dwUIContextDataSize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pUIContextData is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pUIContextData is NULL.")));
else if (!pdwDataFromInteractiveUISize)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" pdwDataFromInteractiveUISize is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" pdwDataFromInteractiveUISize is NULL.")));
else if (!ppDataFromInteractiveUI)
*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" ppDataFromInteractiveUI is NULL."), NULL);
g_peer.log_error(*ppEapError = g_peer.make_error(dwResult = ERROR_INVALID_PARAMETER, _T(__FUNCTION__) _T(" ppDataFromInteractiveUI is NULL.")));
else {
// Unpack request.
_EAPMETHOD_PEER_UI::interactive_request_type req;
if (pUIContextData || !dwUIContextDataSize) {
const unsigned char *cursor = pUIContextData;
eapserial::unpack(cursor, req);
assert(cursor - pUIContextData <= (ptrdiff_t)dwUIContextDataSize);
}
_EAPMETHOD_PEER_UI::interactive_response_type res;
if (!g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError))
return dwResult = *ppEapError ? (*ppEapError)->dwWinError : ERROR_INVALID_DATA;
// Allocate BLOB for user data.
assert(ppDataFromInteractiveUI);
assert(pdwDataFromInteractiveUISize);
*pdwDataFromInteractiveUISize = (DWORD)eapserial::get_pk_size(res);
*ppDataFromInteractiveUI = g_peer.alloc_memory(*pdwDataFromInteractiveUISize);
if (!*ppDataFromInteractiveUI) {
*ppEapError = g_peer.make_error(dwResult = ERROR_OUTOFMEMORY, 0, NULL, NULL, NULL, winstd::tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for interactive response (%uB)."), *pdwDataFromInteractiveUISize).c_str(), NULL);
return dwResult;
if (!g_peer.unpack(req, pUIContextData, dwUIContextDataSize, ppEapError) ||
!g_peer.invoke_interactive_ui(hwndParent, req, res, ppEapError) ||
!g_peer.pack(res, ppDataFromInteractiveUI, pdwDataFromInteractiveUISize, ppEapError))
{
if (*ppEapError) {
g_peer.log_error(*ppEapError);
return dwResult = (*ppEapError)->dwWinError;
} else
return dwResult = ERROR_INVALID_DATA;
}
// Pack BLOB to output.
unsigned char *cursor = *ppDataFromInteractiveUI;
eapserial::pack(cursor, res);
assert(cursor - *ppDataFromInteractiveUI <= (ptrdiff_t)*pdwDataFromInteractiveUISize);
}
return dwResult;

2
EventMonitor/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
/temp
/*.user

19
EventMonitor/EventMonitor.props Normal file
View File

@@ -0,0 +1,19 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ImportGroup Label="PropertySheets" />
<PropertyGroup Label="UserMacros" />
<PropertyGroup>
<OutDir>..\output\$(Platform).$(Configuration)\</OutDir>
</PropertyGroup>
<ItemDefinitionGroup>
<ClCompile>
<AdditionalIncludeDirectories>..\lib\Events\build\temp\Events.$(Platform).$(Configuration).$(PlatformToolset);..\lib\WinStd\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<UACExecutionLevel>RequireAdministrator</UACExecutionLevel>
</Link>
</ItemDefinitionGroup>
<ItemGroup />
</Project>

BIN
EventMonitor/EventMonitor.rc Normal file
View File

Binary file not shown.

114
EventMonitor/EventMonitor.vcxproj Normal file
View File

@@ -0,0 +1,114 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}</ProjectGuid>
<Keyword>Win32Proj</Keyword>
<RootNamespace>EventMonitor</RootNamespace>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="..\include\Win32.props" />
<Import Project="..\include\Debug.props" />
<Import Project="EventMonitor.props" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="..\include\x64.props" />
<Import Project="..\include\Debug.props" />
<Import Project="EventMonitor.props" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="..\include\Win32.props" />
<Import Project="..\include\Release.props" />
<Import Project="EventMonitor.props" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="..\include\x64.props" />
<Import Project="..\include\Release.props" />
<Import Project="EventMonitor.props" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" />
<ItemGroup>
<ResourceCompile Include="EventMonitor.rc" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="StdAfx.h" />
</ItemGroup>
<ItemGroup>
<None Include="README.md" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="Main.cpp" />
<ClCompile Include="StdAfx.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\lib\Events\build\Events.vcxproj">
<Project>{d63f24bd-92a0-4d6b-8b69-ed947e4d2b1b}</Project>
</ProjectReference>
<ProjectReference Include="..\lib\WinStd\build\WinStd.vcxproj">
<Project>{47399d91-7eb9-41de-b521-514ba5db0c43}</Project>
</ProjectReference>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

38
EventMonitor/EventMonitor.vcxproj.filters Normal file
View File

@@ -0,0 +1,38 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="Source Files">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="Header Files">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="EventMonitor.rc">
<Filter>Resource Files</Filter>
</ResourceCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="StdAfx.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<None Include="README.md" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="StdAfx.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Main.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
</Project>

9
EventMonitor/MSIBuild/.gitignore vendored Normal file
View File

@@ -0,0 +1,9 @@
/*-1.idt
/*-2.idt
/*-2.idtx
/*.Binary-1
/*.Binary-2
/*.Icon-1
/*.Icon-2
/*.lst
/*.msm

BIN
EventMonitor/MSIBuild/Makefile Normal file
View File

Binary file not shown.

562
EventMonitor/Main.cpp Normal file
View File

@@ -0,0 +1,562 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 G<>ANT
This file is part of G<>ANTLink.
G<>ANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
G<>ANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with G<>ANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
#pragma comment(lib, "tdh.lib")
#pragma comment(lib, "Ws2_32.lib")
using namespace std;
using namespace winstd;
static vector<TRACEHANDLE> g_traces;
static BOOL WINAPI ConsoleHandler(_In_ DWORD dwCtrlType)
{
switch(dwCtrlType) {
case CTRL_C_EVENT:
case CTRL_BREAK_EVENT:
case CTRL_CLOSE_EVENT:
case CTRL_LOGOFF_EVENT:
case CTRL_SHUTDOWN_EVENT:
for (vector<TRACEHANDLE>::const_iterator trace = g_traces.cbegin(), trace_end = g_traces.cend(); trace != trace_end; ++trace)
CloseTrace(*trace);
}
return TRUE;
}
static tstring MapToString(_In_ const EVENT_MAP_INFO *pMapInfo, _In_ LPCBYTE pData)
{
if ( (pMapInfo->Flag & EVENTMAP_INFO_FLAG_MANIFEST_VALUEMAP) ||
((pMapInfo->Flag & EVENTMAP_INFO_FLAG_WBEM_VALUEMAP ) && (pMapInfo->Flag & ~EVENTMAP_INFO_FLAG_WBEM_VALUEMAP) != EVENTMAP_INFO_FLAG_WBEM_FLAG))
{
if ((pMapInfo->Flag & EVENTMAP_INFO_FLAG_WBEM_NO_MAP) == EVENTMAP_INFO_FLAG_WBEM_NO_MAP)
return tstring_printf(_T("%ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[*(PULONG)pData].OutputOffset);
else {
for (ULONG i = 0; ; i++) {
if (i >= pMapInfo->EntryCount)
return tstring_printf(_T("%lu"), *(PULONG)pData);
else if (pMapInfo->MapEntryArray[i].Value == *(PULONG)pData)
return tstring_printf(_T("%ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[i].OutputOffset);
}
}
} else if (
(pMapInfo->Flag & EVENTMAP_INFO_FLAG_MANIFEST_BITMAP) ||
(pMapInfo->Flag & EVENTMAP_INFO_FLAG_WBEM_BITMAP ) ||
((pMapInfo->Flag & EVENTMAP_INFO_FLAG_WBEM_VALUEMAP ) && (pMapInfo->Flag & ~EVENTMAP_INFO_FLAG_WBEM_VALUEMAP) == EVENTMAP_INFO_FLAG_WBEM_FLAG))
{
tstring out;
if (pMapInfo->Flag & EVENTMAP_INFO_FLAG_WBEM_NO_MAP) {
for (ULONG i = 0; i < pMapInfo->EntryCount; i++)
if (*(PULONG)pData & (1 << i))
out.append(tstring_printf(out.empty() ? _T("%ls") : _T(" | %ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[i].OutputOffset));
} else {
for (ULONG i = 0; i < pMapInfo->EntryCount; i++)
if ((pMapInfo->MapEntryArray[i].Value & *(PULONG)pData) == pMapInfo->MapEntryArray[i].Value)
out.append(tstring_printf(out.empty() ? _T("%ls") : _T(" | %ls"), (PBYTE)pMapInfo + pMapInfo->MapEntryArray[i].OutputOffset));
}
return out.empty() ? tstring_printf(_T("%lu"), *(PULONG)pData) : out;
}
return _T("<unknown map>");
}
static tstring DataToString(_In_ USHORT InType, _In_ USHORT OutType, _In_count_(nDataSize) LPCBYTE pData, _In_ SIZE_T nDataSize, _In_ const EVENT_MAP_INFO *pMapInfo, _In_ BYTE nPtrSize)
{
assert(pData || !nDataSize);
switch (InType) {
case TDH_INTYPE_UNICODESTRING:
case TDH_INTYPE_NONNULLTERMINATEDSTRING:
case TDH_INTYPE_UNICODECHAR:
return tstring_printf(_T("%.*ls"), nDataSize/sizeof(WCHAR), pData);
case TDH_INTYPE_ANSISTRING:
case TDH_INTYPE_NONNULLTERMINATEDANSISTRING:
case TDH_INTYPE_ANSICHAR: {
// Convert strings from ANSI code page, all others (JSON, XML etc.) from UTF-8
wstring str;
MultiByteToWideChar(OutType == TDH_OUTTYPE_STRING ? CP_ACP : CP_UTF8, 0, (LPCSTR)pData, (int)nDataSize, str);
return tstring_printf(_T("%ls"), str.c_str());
}
case TDH_INTYPE_COUNTEDSTRING:
return DataToString(TDH_INTYPE_NONNULLTERMINATEDSTRING, OutType, (LPCBYTE)((PUSHORT)pData + 1), *(PUSHORT)pData, pMapInfo, nPtrSize);
case TDH_INTYPE_COUNTEDANSISTRING:
return DataToString(TDH_INTYPE_NONNULLTERMINATEDANSISTRING, OutType, (LPCBYTE)((PUSHORT)pData + 1), *(PUSHORT)pData, pMapInfo, nPtrSize);
case TDH_INTYPE_REVERSEDCOUNTEDSTRING:
return DataToString(TDH_INTYPE_NONNULLTERMINATEDSTRING, OutType, (LPCBYTE)((PUSHORT)pData + 1), MAKEWORD(HIBYTE(*(PUSHORT)pData), LOBYTE(*(PUSHORT)pData)), pMapInfo, nPtrSize);
case TDH_INTYPE_REVERSEDCOUNTEDANSISTRING:
return DataToString(TDH_INTYPE_NONNULLTERMINATEDANSISTRING, OutType, (LPCBYTE)((PUSHORT)pData + 1), MAKEWORD(HIBYTE(*(PUSHORT)pData), LOBYTE(*(PUSHORT)pData)), pMapInfo, nPtrSize);
case TDH_INTYPE_INT8:
assert(nDataSize >= sizeof(CHAR));
switch (OutType) {
case TDH_OUTTYPE_STRING: return DataToString(TDH_INTYPE_ANSICHAR, TDH_OUTTYPE_NULL, pData, nDataSize, pMapInfo, nPtrSize);
default : return tstring_printf(_T("%hd"), *(PCHAR)pData);
}
case TDH_INTYPE_UINT8:
assert(nDataSize >= sizeof(BYTE));
switch (OutType) {
case TDH_OUTTYPE_STRING : return DataToString(TDH_INTYPE_ANSICHAR, TDH_OUTTYPE_NULL, pData, nDataSize, pMapInfo, nPtrSize);
case TDH_OUTTYPE_HEXINT8: return tstring_printf(_T("0x%x"), *(PBYTE)pData);
default : return tstring_printf(_T("%hu" ), *(PBYTE)pData);
}
case TDH_INTYPE_INT16:
assert(nDataSize >= sizeof(SHORT));
return tstring_printf(_T("%hd"), *(PSHORT)pData);
case TDH_INTYPE_UINT16:
assert(nDataSize >= sizeof(USHORT));
switch (OutType) {
case TDH_OUTTYPE_PORT : return tstring_printf(_T("%hu" ), ntohs(*(PUSHORT)pData));
case TDH_OUTTYPE_HEXINT16: return tstring_printf(_T("0x%x"), *(PUSHORT)pData );
case TDH_OUTTYPE_STRING : return tstring_printf(_T("%lc" ), *(PUSHORT)pData );
default : return tstring_printf(_T("%hu" ), *(PUSHORT)pData );
}
case TDH_INTYPE_INT32:
assert(nDataSize >= sizeof(LONG));
switch (OutType) {
case TDH_OUTTYPE_HRESULT: return tstring_printf(_T("0x%x"), *(PLONG)pData);
default : return tstring_printf(_T("%ld" ), *(PLONG)pData);
}
case TDH_INTYPE_UINT32:
assert(nDataSize >= sizeof(ULONG));
switch (OutType) {
case TDH_OUTTYPE_HRESULT :
case TDH_OUTTYPE_WIN32ERROR:
case TDH_OUTTYPE_NTSTATUS :
case TDH_OUTTYPE_HEXINT32 : return tstring_printf(_T("0x%x" ), *(PULONG)pData);
case TDH_OUTTYPE_IPV4 : return tstring_printf(_T("%d.%d.%d.%d"), (*(PULONG)pData >> 0) & 0xff, (*(PULONG)pData >> 8) & 0xff, (*(PULONG)pData >> 16) & 0xff, (*(PULONG)pData >> 24) & 0xff);
default: return pMapInfo ? MapToString(pMapInfo, pData) : tstring_printf(_T("%lu"), *(PULONG)pData);
}
case TDH_INTYPE_HEXINT32:
return DataToString(TDH_INTYPE_UINT32, TDH_OUTTYPE_HEXINT32, pData, nDataSize, pMapInfo, nPtrSize);
case TDH_INTYPE_INT64:
assert(nDataSize >= sizeof(LONGLONG));
return tstring_printf(_T("%I64d"), *(PLONGLONG)pData);
case TDH_INTYPE_UINT64:
assert(nDataSize >= sizeof(ULONGLONG));
switch (OutType) {
case TDH_OUTTYPE_HEXINT64: return tstring_printf(_T("0x%I64x"), *(PULONGLONG)pData);
default : return tstring_printf(_T("%I64u" ), *(PULONGLONG)pData);
}
case TDH_INTYPE_HEXINT64:
return DataToString(TDH_INTYPE_UINT64, TDH_OUTTYPE_HEXINT64, pData, nDataSize, pMapInfo, nPtrSize);
case TDH_INTYPE_FLOAT:
assert(nDataSize >= sizeof(FLOAT));
return tstring_printf(_T("%f"), *(PFLOAT)pData);
case TDH_INTYPE_DOUBLE:
assert(nDataSize >= sizeof(DOUBLE));
return tstring_printf(_T("%I64f"), *(DOUBLE*)pData);
case TDH_INTYPE_BOOLEAN:
assert(nDataSize >= sizeof(ULONG)); // Yes, boolean is really 32-bit.
return *(PULONG)pData ? _T("true") : _T("false");
case TDH_INTYPE_BINARY:
switch (OutType) {
case TDH_OUTTYPE_IPV6: {
auto RtlIpv6AddressToString = (LPTSTR(NTAPI*)(const IN6_ADDR*, LPTSTR))GetProcAddress(GetModuleHandle(_T("ntdll.dll")),
#ifdef _UNICODE
"RtlIpv6AddressToStringW"
#else
"RtlIpv6AddressToStringA"
#endif
);
if (RtlIpv6AddressToString) {
TCHAR szIPv6Addr[47];
RtlIpv6AddressToString((IN6_ADDR*)pData, szIPv6Addr);
return tstring_printf(_T("%s"), szIPv6Addr);
} else
return _T("<IPv6 address>");
}
default: {
tstring out;
for (SIZE_T i = 0; i < nDataSize; i++)
out.append(tstring_printf(i ? _T(" %02x") : _T("%02x"), pData[i]));
return out;
}}
case TDH_INTYPE_HEXDUMP:
return DataToString(TDH_INTYPE_BINARY, TDH_OUTTYPE_NULL, pData, nDataSize, pMapInfo, nPtrSize);
case TDH_INTYPE_GUID: {
assert(nDataSize >= sizeof(GUID));
WCHAR szGuid[39];
StringFromGUID2(*(GUID*)pData, szGuid, _countof(szGuid));
return tstring_printf(_T("%ls"), szGuid);
}
case TDH_INTYPE_POINTER:
assert(nDataSize >= nPtrSize);
switch (nPtrSize) {
case sizeof(ULONG ): return tstring_printf(_T("0x%08x" ), *(PULONG )pData);
case sizeof(ULONGLONG): return tstring_printf(_T("0x%016I64x"), *(PULONGLONG)pData);
default: // Unsupported pointer size.
assert(0);
return _T("<pointer>");
}
case TDH_INTYPE_SIZET:
assert(nDataSize >= nPtrSize);
switch (nPtrSize) {
case sizeof(ULONG ): return tstring_printf(_T("%u" ), *(PULONG )pData);
case sizeof(ULONGLONG): return tstring_printf(_T("%I64u"), *(PULONGLONG)pData);
default: // Unsupported size_t size.
assert(0);
return _T("<size_t>");
}
case TDH_INTYPE_FILETIME: {
assert(nDataSize >= sizeof(FILETIME));
SYSTEMTIME st, st_local;
FileTimeToSystemTime((PFILETIME)pData, &st);
SystemTimeToTzSpecificLocalTime(NULL, &st, &st_local);
return DataToString(TDH_INTYPE_SYSTEMTIME, OutType, (LPCBYTE)&st_local, sizeof(st_local), pMapInfo, nPtrSize);
}
case TDH_INTYPE_SYSTEMTIME:
assert(nDataSize >= sizeof(SYSTEMTIME));
switch (OutType) {
case TDH_OUTTYPE_CULTURE_INSENSITIVE_DATETIME: return tstring_printf(_T("%04d-%02d-%02d %02d:%02d:%02d.%03u"), ((PSYSTEMTIME)pData)->wYear, ((PSYSTEMTIME)pData)->wMonth, ((PSYSTEMTIME)pData)->wDay, ((PSYSTEMTIME)pData)->wHour, ((PSYSTEMTIME)pData)->wMinute, ((PSYSTEMTIME)pData)->wSecond, ((PSYSTEMTIME)pData)->wMilliseconds);
default: {
tstring out;
return GetDateFormat(LOCALE_USER_DEFAULT, DATE_LONGDATE, (PSYSTEMTIME)pData, NULL, out) ? out : tstring(_T("<time>"));
}}
case TDH_INTYPE_WBEMSID:
// A WBEM SID is actually a TOKEN_USER structure followed
// by the SID. The size of the TOKEN_USER structure differs
// depending on whether the events were generated on a 32-bit
// or 64-bit architecture. Also the structure is aligned
// on an 8-byte boundary, so its size is 8 bytes on a
// 32-bit computer and 16 bytes on a 64-bit computer.
// Doubling the pointer size handles both cases.
assert(nDataSize >= nPtrSize * 2);
return (PULONG)pData > 0 ? DataToString(TDH_INTYPE_SID, OutType, pData + nPtrSize * 2, nDataSize - nPtrSize * 2, pMapInfo, nPtrSize) : _T("<WBEM SID>");
case TDH_INTYPE_SID: {
assert(nDataSize >= sizeof(SID));
tstring user_name, domain_name;
SID_NAME_USE eNameUse;
if (LookupAccountSid(NULL, (PSID)pData, &user_name, &domain_name, &eNameUse))
return tstring_printf(_T("%s\\%s"), domain_name.c_str(), user_name.c_str());
else {
unique_ptr<TCHAR[], LocalFree_delete<TCHAR[]> > sid;
if (GetLastError() == ERROR_NONE_MAPPED &&
ConvertSidToStringSid((PSID)pData, (LPTSTR*)&sid))
return tstring_printf(_T("%s"), sid.get());
else
return _T("<SID>");
}
}
default:
// It is not actually an error if we do not understand the given data type.
assert(0);
return _T("<unknown data type>");
}
}
static ULONG GetArraySize(PEVENT_RECORD pEvent, PTRACE_EVENT_INFO pInfo, ULONG i, ULONG *pulArraySize)
{
if (pInfo->EventPropertyInfoArray[i].Flags & PropertyParamCount) {
ULONG ulResult;
// Get array count property.
PROPERTY_DATA_DESCRIPTOR data_desc = { (ULONGLONG)((LPBYTE)pInfo + pInfo->EventPropertyInfoArray[pInfo->EventPropertyInfoArray[i].countPropertyIndex].NameOffset), ULONG_MAX };
vector<unsigned char> count;
if ((ulResult = TdhGetProperty(pEvent, 0, NULL, 1, &data_desc, count)) != ERROR_SUCCESS)
return ulResult;
// Copy count value to output.
switch (count.size()) {
case sizeof(BYTE ): *pulArraySize = *(const BYTE* )count.data(); break;
case sizeof(USHORT): *pulArraySize = *(const USHORT*)count.data(); break;
case sizeof(ULONG ): *pulArraySize = *(const ULONG* )count.data(); break;
default : return ERROR_MORE_DATA;
}
} else
*pulArraySize = pInfo->EventPropertyInfoArray[i].count;
return ERROR_SUCCESS;
}
static tstring PropertyToString(PEVENT_RECORD pEvent, PTRACE_EVENT_INFO pInfo, ULONG ulPropIndex, LPWSTR pStructureName, ULONG ulStructIndex, BYTE nPtrSize)
{
ULONG ulResult;
// Get the size of the array if the property is an array.
ULONG ulArraySize = 0;
if ((ulResult = GetArraySize(pEvent, pInfo, ulPropIndex, &ulArraySize)) != ERROR_SUCCESS)
return tstring_printf(_T("<Error getting array size (error %u)>"), ulResult);;
tstring out;
if (ulArraySize > 1)
out += tstring_printf(_T("[%u]("), ulArraySize);
for (ULONG k = 0; k < ulArraySize; k++) {
if (pInfo->EventPropertyInfoArray[ulPropIndex].Flags & PropertyStruct) {
// The property is a structure: print the members of the structure.
tstring out;
out += _T('(');
for (USHORT j = pInfo->EventPropertyInfoArray[ulPropIndex].structType.StructStartIndex, usLastMember = pInfo->EventPropertyInfoArray[ulPropIndex].structType.StructStartIndex + pInfo->EventPropertyInfoArray[ulPropIndex].structType.NumOfStructMembers; j < usLastMember; j++) {
out += tstring_printf(_T("%ls: "), (LPBYTE)pInfo + pInfo->EventPropertyInfoArray[j].NameOffset);
out += PropertyToString(pEvent, pInfo, j, (LPWSTR)((LPBYTE)(pInfo) + pInfo->EventPropertyInfoArray[ulPropIndex].NameOffset), k, nPtrSize);
}
out += _T(')');
} else {
if (pInfo->EventPropertyInfoArray[ulPropIndex].nonStructType.InType == TDH_INTYPE_BINARY &&
pInfo->EventPropertyInfoArray[ulPropIndex].nonStructType.OutType == TDH_OUTTYPE_IPV6)
{
// The TDH API does not support IPv6 addresses. If the output type is TDH_OUTTYPE_IPV6,
// you will not be able to consume the rest of the event. If you try to consume the
// remainder of the event, you will get ERROR_EVT_INVALID_EVENT_DATA.
return _T("<The event contains an IPv6 address. Skipping.>");
} else {
vector<BYTE> data;
if (pStructureName) {
// To retrieve a member of a structure, you need to specify an array of descriptors.
// The first descriptor in the array identifies the name of the structure and the second
// descriptor defines the member of the structure whose data you want to retrieve.
PROPERTY_DATA_DESCRIPTOR data_desc[2] = {
{ (ULONGLONG)pStructureName , ulStructIndex },
{ (ULONGLONG)((LPBYTE)pInfo + pInfo->EventPropertyInfoArray[ulPropIndex].NameOffset), k }
};
ulResult = TdhGetProperty(pEvent, 0, NULL, _countof(data_desc), data_desc, data);
} else {
PROPERTY_DATA_DESCRIPTOR data_desc = { (ULONGLONG)((LPBYTE)pInfo + pInfo->EventPropertyInfoArray[ulPropIndex].NameOffset), k };
ulResult = TdhGetProperty(pEvent, 0, NULL, 1, &data_desc, data);
}
if (ulResult == ERROR_EVT_INVALID_EVENT_DATA) {
// This happens with empty/NULL data. Not an error actually.
assert(data.empty());
} else if (ulResult != ERROR_SUCCESS)
return tstring_printf(_T("<Error getting property (error %u)>"), ulResult);
// Get the name/value mapping if the property specifies a value map.
unique_ptr<EVENT_MAP_INFO> map_info;
ulResult = TdhGetEventMapInformation(pEvent, (LPWSTR)((LPBYTE)pInfo + pInfo->EventPropertyInfoArray[ulPropIndex].nonStructType.MapNameOffset), map_info);
if (ulResult == ERROR_NOT_FOUND) {
// name/value mapping not found. Not an error actually.
assert(!map_info);
} else if (ulResult != ERROR_SUCCESS)
return tstring_printf(_T("<Error getting map information (error %u)>"), ulResult);
else if (pInfo->DecodingSource == DecodingSourceXMLFile) {
// The mapped string values defined in a manifest will contain a trailing space
// in the EVENT_MAP_ENTRY structure. Replace the trailing space with a null-
// terminating character, so that the bit mapped strings are correctly formatted.
for (ULONG i = 0; i < map_info->EntryCount; i++) {
SIZE_T len = _tcslen((LPCTSTR)((PBYTE)map_info.get() + map_info->MapEntryArray[i].OutputOffset)) - 1;
((LPWSTR)((PBYTE)map_info.get() + map_info->MapEntryArray[i].OutputOffset))[len] = 0;
}
}
if (!out.empty()) out += _T(", ");
out += !data.empty() ? DataToString(
pInfo->EventPropertyInfoArray[ulPropIndex].nonStructType.InType,
pInfo->EventPropertyInfoArray[ulPropIndex].nonStructType.OutType,
data.data(),
data.size(),
map_info.get(),
nPtrSize) : _T("<null>");
}
}
}
if (ulArraySize > 1)
out += _T(')');
return out;
}
static VOID WINAPI EventRecordCallback(_In_ PEVENT_RECORD pEvent)
{
{
// Calculate and print event time-stamp.
FILETIME ft;
ft.dwHighDateTime = pEvent->EventHeader.TimeStamp.HighPart;
ft.dwLowDateTime = pEvent->EventHeader.TimeStamp.LowPart;
SYSTEMTIME st, st_local;
FileTimeToSystemTime(&ft, &st);
SystemTimeToTzSpecificLocalTime(NULL, &st, &st_local);
ULONGLONG
ts = pEvent->EventHeader.TimeStamp.QuadPart,
nanosec = (ts % 10000000) * 100;
_ftprintf(stdout, _T("%04d-%02d-%02d %02d:%02d:%02d.%09I64u"),
st_local.wYear, st_local.wMonth, st_local.wDay, st_local.wHour, st_local.wMinute, st_local.wSecond, nanosec);
}
{
// Get event meta-info.
unique_ptr<TRACE_EVENT_INFO> info;
ULONG ulResult;
if ((ulResult = TdhGetEventInformation(pEvent, 0, NULL, info)) == ERROR_SUCCESS) {
if (info->DecodingSource != DecodingSourceWPP) {
if (pEvent->EventHeader.Flags & EVENT_HEADER_FLAG_STRING_ONLY) {
// This is a string-only event. Print it.
_ftprintf(stdout, _T(" %ls"), pEvent->UserData);
} else {
// This is not a string-only event. Prepare parameters.
BYTE nPtrSize = (pEvent->EventHeader.Flags & EVENT_HEADER_FLAG_32_BIT_HEADER) ? 4 : 8;
vector<tstring> props;
vector<DWORD_PTR> props_msg;
props.reserve(info->TopLevelPropertyCount);
props_msg.reserve(info->TopLevelPropertyCount);
for (ULONG i = 0; i < info->TopLevelPropertyCount; i++) {
props.push_back(std::move(PropertyToString(pEvent, info.get(), i, NULL, 0, nPtrSize)));
props_msg.push_back((DWORD_PTR)props[i].c_str());
}
if (info->EventMessageOffset) {
// Format the message.
_ftprintf(stdout, _T(" %ls"), wstring_msg(0, (LPCTSTR)((LPCBYTE)info.get() + info->EventMessageOffset), props_msg.data()).c_str());
}
}
} else if (info->EventMessageOffset) {
// This is a WPP event.
_ftprintf(stdout, _T(" %ls"), (LPCBYTE)info.get() + info->EventMessageOffset);
}
}
}
_ftprintf(stdout, _T("\n"));
}
#ifdef _UNICODE
int wmain(int argc, const wchar_t *argv[])
#else
int main(int argc, const char *argv[])
#endif
{
UNREFERENCED_PARAMETER(argc);
UNREFERENCED_PARAMETER(argv);
setlocale(LC_ALL, ".OCP");
// Initialize COM.
com_initializer com_init(NULL);
// Start a new session.
ULONG ulResult;
event_session session;
for (unsigned int i = 0; ; i++) {
//tstring log_file(tstring_printf(i ? _T("test.etl") : _T("test %u.etl"), i));
tstring name(tstring_printf(i ? _T(PRODUCT_NAME_STR) _T(" Event Monitor Session %u") : _T(PRODUCT_NAME_STR) _T(" Event Monitor Session"), i));
// Allocate session properties.
ULONG
ulSizeName = (ULONG)((name .length() + 1)*sizeof(TCHAR)),
//ulSizeLogFile = (ULONG)((log_file.length() + 1)*sizeof(TCHAR)),
ulSize = sizeof(EVENT_TRACE_PROPERTIES) + ulSizeName /*+ ulSizeLogFile*/;
unique_ptr<EVENT_TRACE_PROPERTIES> properties((EVENT_TRACE_PROPERTIES*)new char[ulSize]);
if (!properties) {
_ftprintf(stderr, _T("Error allocating session properties memory.\n"));
return 1;
}
// Initialize properties.
memset(properties.get(), 0, sizeof(EVENT_TRACE_PROPERTIES));
properties->Wnode.BufferSize = ulSize;
properties->Wnode.Flags = WNODE_FLAG_TRACED_GUID;
properties->Wnode.ClientContext = 1; //QPC clock resolution
CoCreateGuid(&(properties->Wnode.Guid));
properties->LogFileMode = /*EVENT_TRACE_FILE_MODE_SEQUENTIAL |*/ EVENT_TRACE_REAL_TIME_MODE;
properties->MaximumFileSize = 1; // 1 MB
properties->LoggerNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
//properties->LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES) + ulSizeName;
//memcpy((LPTSTR)((char*)properties.get() + properties->LogFileNameOffset), log_file.c_str(), ulSizeLogFile);
if ((ulResult = session.create(name.c_str(), properties.get())) == ERROR_SUCCESS) {
break;
} else if (ulResult == ERROR_ACCESS_DENIED) {
_ftprintf(stderr, _T("Access denied creating event session: you need administrative privileges (Run As Administrator) or be a member of Performance Log Users group to start event tracing session.\n"), ulResult);
return 1;
} else if (ulResult == ERROR_ALREADY_EXISTS) {
_ftprintf(stderr, _T("The %s event session already exists.\n"), name.c_str());
// Do not despair... Retry with a new session name and ID.
continue;
} else {
_ftprintf(stderr, _T("Error creating event session (error %u).\n"), ulResult);
return 1;
}
}
// Enable event provider we are interested in to log events to our session.
event_trace_enabler trace_enabler_event(session, &EAPMETHOD_TRACE_EVENT_PROVIDER, TRACE_LEVEL_VERBOSE);
if ((ulResult = trace_enabler_event.status()) != ERROR_SUCCESS) {
_ftprintf(stderr, _T("Error enabling event provider (error %u).\n"), ulResult);
return 1;
}
// {6EB8DB94-FE96-443F-A366-5FE0CEE7FB1C}
static const GUID s_provider_eaphost = { 0X6EB8DB94, 0XFE96, 0X443F, { 0XA3, 0X66, 0X5F, 0XE0, 0XCE, 0XE7, 0XFB, 0X1C } };
event_trace_enabler trace_enabler_eaphost(session, &s_provider_eaphost, TRACE_LEVEL_INFORMATION);
if ((ulResult = trace_enabler_eaphost.status()) != ERROR_SUCCESS) {
// If the EAPHost trace provider failed to enable, do not despair.
_ftprintf(stderr, _T("Error enabling EAPHost event provider (error %u).\n"), ulResult);
}
// Open trace.
EVENT_TRACE_LOGFILE tlf = {};
tlf.LoggerName = (LPTSTR)session.name();
tlf.ProcessTraceMode = PROCESS_TRACE_MODE_REAL_TIME | PROCESS_TRACE_MODE_EVENT_RECORD;
tlf.EventRecordCallback = EventRecordCallback;
event_trace trace;
if (!trace.create(&tlf)) {
_ftprintf(stderr, _T("Error opening event trace (error %u).\n"), GetLastError());
return 1;
}
// Process events.
g_traces.push_back(trace.detach());
SetConsoleCtrlHandler(ConsoleHandler, TRUE);
ProcessTrace(g_traces.data(), (ULONG)g_traces.size(), NULL, NULL);
return 0;
}

9
EventMonitor/README.md Normal file
View File

@@ -0,0 +1,9 @@
#EventMonitor
Output real-time G<>ANTLink events to console
##Usage
```
EventMonitor
```
Press Ctrl+C to stop the program.

21
EventMonitor/StdAfx.cpp Normal file
View File

@@ -0,0 +1,21 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"

37
EventMonitor/StdAfx.h Normal file
View File

@@ -0,0 +1,37 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include "../include/Version.h"
#include <WinStd/COM.h>
#include <WinStd/ETW.h>
#include <WinStd/Win.h>
#include <Windows.h>
#include <in6addr.h>
#include <MSTcpIP.h>
#include <Sddl.h>
#include <tchar.h>
#include <vector>
#include <EventsETW.h> // Must include after <Windows.h>

BIN
MSI/Base/Main/Makefile
View File

Binary file not shown.

2
MSI/MSIBuild

Submodule MSI/MSIBuild updated: 74c5814a13...16655a6871

BIN
Makefile
View File

Binary file not shown.

11
VS10Solution.sln
View File

@@ -40,6 +40,8 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TTLS_UI", "lib\TTLS_UI\buil
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MsiUseFeature", "MsiUseFeature\MsiUseFeature.vcxproj", "{679D03C5-CD70-4FFA-93F8-A4AB3637509B}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "EventMonitor", "EventMonitor\EventMonitor.vcxproj", "{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Win32 = Debug|Win32
@@ -160,6 +162,14 @@ Global
{679D03C5-CD70-4FFA-93F8-A4AB3637509B}.Release|Win32.Build.0 = Release|Win32
{679D03C5-CD70-4FFA-93F8-A4AB3637509B}.Release|x64.ActiveCfg = Release|x64
{679D03C5-CD70-4FFA-93F8-A4AB3637509B}.Release|x64.Build.0 = Release|x64
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}.Debug|Win32.ActiveCfg = Debug|Win32
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}.Debug|Win32.Build.0 = Debug|Win32
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}.Debug|x64.ActiveCfg = Debug|x64
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}.Debug|x64.Build.0 = Debug|x64
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}.Release|Win32.ActiveCfg = Release|Win32
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}.Release|Win32.Build.0 = Release|Win32
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}.Release|x64.ActiveCfg = Release|x64
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2}.Release|x64.Build.0 = Release|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
@@ -179,5 +189,6 @@ Global
{42F0F0F4-C928-4860-A4E4-94991C2C3D90} = {E66A3FE1-4EE4-401F-8EAD-BE518B230393}
{2D3CE079-7EB1-4F47-B79E-F0310671ECCB} = {7B5EC9B7-208C-426A-941D-DAF9271BD4A4}
{679D03C5-CD70-4FFA-93F8-A4AB3637509B} = {7B5EC9B7-208C-426A-941D-DAF9271BD4A4}
{E0D0725B-B2FC-4225-9481-CA9B1B6306F2} = {7B5EC9B7-208C-426A-941D-DAF9271BD4A4}
EndGlobalSection
EndGlobal

BIN
include/MSIBuildCfg.mak
View File

Binary file not shown.

10
include/Version.h
View File

@@ -29,7 +29,7 @@
// Product version as a single DWORD
// Note: Used for version comparison within C/C++ code.
//
#define PRODUCT_VERSION 0x00ff0400
#define PRODUCT_VERSION 0x00ff0500
//
// Product version by components
@@ -39,26 +39,26 @@
//
#define PRODUCT_VERSION_MAJ 0
#define PRODUCT_VERSION_MIN 255
#define PRODUCT_VERSION_REV 4
#define PRODUCT_VERSION_REV 5
#define PRODUCT_VERSION_BUILD 0
//
// Human readable product version and build year for UI
//
#define PRODUCT_VERSION_STR "1.0-alpha4"
#define PRODUCT_VERSION_STR "1.0-alpha5"
#define PRODUCT_BUILD_YEAR_STR "2016"
//
// Numerical version presentation for ProductVersion propery in
// MSI packages (syntax: N.N[.N[.N]])
//
#define PRODUCT_VERSION_INST "0.255.4"
#define PRODUCT_VERSION_INST "0.255.5"
//
// The product code for ProductCode property in MSI packages
// Replace with new on every version change, regardless how minor it is.
//
#define PRODUCT_VERSION_GUID "{18A0CABB-BDE9-499B-B840-E955C69F9386}"
#define PRODUCT_VERSION_GUID "{4A006C27-4001-47C7-B0C2-2A16525A17C3}"
//
// Since the product name is not finally confirmed at the time of

1
lib/EAPBase/build/EAPBase.vcxproj
View File

@@ -92,7 +92,6 @@
<ClCompile Include="..\src\Config.cpp" />
<ClCompile Include="..\src\Credentials.cpp" />
<ClCompile Include="..\src\Module.cpp" />
<ClCompile Include="..\src\Session.cpp" />
<ClCompile Include="..\src\StdAfx.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>

3
lib/EAPBase/build/EAPBase.vcxproj.filters
View File

@@ -40,9 +40,6 @@
<ClCompile Include="..\src\StdAfx.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\Session.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\Config.cpp">
<Filter>Source Files</Filter>
</ClCompile>

154
lib/EAPBase/include/Config.h
View File

@@ -127,6 +127,8 @@ namespace eapserial
#include "EAPSerial.h"
#include "EAPXML.h"
#include "../../../include/Version.h"
#include <WinStd/COM.h>
#include <WinStd/Common.h>
@@ -227,6 +229,12 @@ namespace eap
template <class _Tcred>
class config_method : public config
{
public:
///
/// Configuration credentials type
///
typedef _Tcred credentials_type;
public:
///
/// Constructs configuration
@@ -336,20 +344,20 @@ namespace eap
// <ClientSideCredential>
winstd::com_obj<IXMLDOMElement> pXmlElClientSideCredential;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ClientSideCredential"), winstd::bstr(L"ClientSideCredential"), bstrNamespace, &pXmlElClientSideCredential)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ClientSideCredential> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ClientSideCredential> element."));
return false;
}
// <ClientSideCredential>/<allow-save>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"allow-save"), bstrNamespace, m_allow_save)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <allow-save> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <allow-save> element."));
return false;
}
// <ClientSideCredential>/<AnonymousIdentity>
if (!m_anonymous_identity.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientSideCredential, winstd::bstr(L"AnonymousIdentity"), bstrNamespace, winstd::bstr(m_anonymous_identity))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <AnonymousIdentity> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <AnonymousIdentity> element."));
return false;
}
@@ -420,13 +428,21 @@ namespace eap
template <class _Tmeth>
class config_provider : public config
{
public:
///
/// Provider method configuration type
///
typedef _Tmeth config_method_type;
public:
///
/// Constructs configuration
///
/// \param[in] mod Reference of the EAP module to use for global services
///
config_provider(_In_ module &mod) : config(mod)
config_provider(_In_ module &mod) :
m_read_only(false),
config(mod)
{
}
@@ -436,7 +452,12 @@ namespace eap
/// \param[in] other Configuration to copy from
///
config_provider(_In_ const config_provider &other) :
m_read_only(other.m_read_only),
m_id(other.m_id),
m_name(other.m_name),
m_help_email(other.m_help_email),
m_help_web(other.m_help_web),
m_help_phone(other.m_help_phone),
m_lbl_alt_credential(other.m_lbl_alt_credential),
m_lbl_alt_identity(other.m_lbl_alt_identity),
m_lbl_alt_password(other.m_lbl_alt_password),
@@ -451,7 +472,12 @@ namespace eap
/// \param[in] other Configuration to move from
///
config_provider(_Inout_ config_provider &&other) :
m_read_only(std::move(other.m_read_only)),
m_id(std::move(other.m_id)),
m_name(std::move(other.m_name)),
m_help_email(std::move(other.m_help_email)),
m_help_web(std::move(other.m_help_web)),
m_help_phone(std::move(other.m_help_phone)),
m_lbl_alt_credential(std::move(other.m_lbl_alt_credential)),
m_lbl_alt_identity(std::move(other.m_lbl_alt_identity)),
m_lbl_alt_password(std::move(other.m_lbl_alt_password)),
@@ -471,7 +497,12 @@ namespace eap
{
if (this != &other) {
(config&)*this = other;
m_read_only = other.m_read_only;
m_id = other.m_id;
m_name = other.m_name;
m_help_email = other.m_help_email;
m_help_web = other.m_help_web;
m_help_phone = other.m_help_phone;
m_lbl_alt_credential = other.m_lbl_alt_credential;
m_lbl_alt_identity = other.m_lbl_alt_identity;
m_lbl_alt_password = other.m_lbl_alt_password;
@@ -492,7 +523,12 @@ namespace eap
{
if (this != &other) {
(config&&)*this = std::move(other);
m_read_only = std::move(m_read_only);
m_id = std::move(other.m_id);
m_name = std::move(other.m_name);
m_help_email = std::move(other.m_help_email);
m_help_web = std::move(other.m_help_web);
m_help_phone = std::move(other.m_help_phone);
m_lbl_alt_credential = std::move(other.m_lbl_alt_credential);
m_lbl_alt_identity = std::move(other.m_lbl_alt_identity);
m_lbl_alt_password = std::move(other.m_lbl_alt_password);
@@ -529,45 +565,86 @@ namespace eap
DWORD dwResult;
HRESULT hr;
// <read-only>
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, winstd::bstr(L"read-only"), bstrNamespace, m_read_only)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <read-only> element."));
return false;
}
// <ID>
if (!m_id.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, winstd::bstr(L"ID"), bstrNamespace, winstd::bstr(m_id))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ID> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ID> element."));
return false;
}
// <ProviderInfo>
winstd::com_obj<IXMLDOMElement> pXmlElProviderInfo;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:ProviderInfo"), winstd::bstr(L"ProviderInfo"), bstrNamespace, &pXmlElProviderInfo)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ProviderInfo> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ProviderInfo> element."));
return false;
}
// <ProviderInfo>/<DisplayName>
if (!m_name.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, winstd::bstr(L"DisplayName"), bstrNamespace, winstd::bstr(m_name))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <DisplayName> element."));
return false;
}
// <ProviderInfo>/<Helpdesk>
winstd::com_obj<IXMLDOMElement> pXmlElHelpdesk;
if ((dwResult = eapxml::create_element(pDoc, pXmlElProviderInfo, winstd::bstr(L"eap-metadata:Helpdesk"), winstd::bstr(L"Helpdesk"), bstrNamespace, &pXmlElHelpdesk)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <Helpdesk> element."));
return false;
}
// <ProviderInfo>/<Helpdesk>/<EmailAddress>
if (!m_help_email.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElHelpdesk, winstd::bstr(L"EmailAddress"), bstrNamespace, winstd::bstr(m_help_email))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <EmailAddress> element."));
return false;
}
// <ProviderInfo>/<Helpdesk>/<WebAddress>
if (!m_help_web.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElHelpdesk, winstd::bstr(L"WebAddress"), bstrNamespace, winstd::bstr(m_help_web))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <WebAddress> element."));
return false;
}
// <ProviderInfo>/<Helpdesk>/<Phone>
if (!m_help_phone.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElHelpdesk, winstd::bstr(L"Phone"), bstrNamespace, winstd::bstr(m_help_phone))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <Phone> element."));
return false;
}
// <ProviderInfo>/<CredentialPrompt>
if (!m_lbl_alt_credential.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, winstd::bstr(L"CredentialPrompt"), bstrNamespace, winstd::bstr(m_lbl_alt_credential))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <CredentialPrompt> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <CredentialPrompt> element."));
return false;
}
// <ProviderInfo>/<UserNameLabel>
if (!m_lbl_alt_identity.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, winstd::bstr(L"UserNameLabel"), bstrNamespace, winstd::bstr(m_lbl_alt_identity))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <UserNameLabel> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <UserNameLabel> element."));
return false;
}
// <ProviderInfo>/<PasswordLabel>
if (!m_lbl_alt_password.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElProviderInfo, winstd::bstr(L"PasswordLabel"), bstrNamespace, winstd::bstr(m_lbl_alt_password))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <PasswordLabel> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <PasswordLabel> element."));
return false;
}
// <AuthenticationMethods>
winstd::com_obj<IXMLDOMElement> pXmlElAuthenticationMethods;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, winstd::bstr(L"eap-metadata:AuthenticationMethods"), winstd::bstr(L"AuthenticationMethods"), bstrNamespace, &pXmlElAuthenticationMethods)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <AuthenticationMethods> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <AuthenticationMethods> element."));
return false;
}
@@ -575,7 +652,7 @@ namespace eap
// <AuthenticationMethod>
winstd::com_obj<IXMLDOMElement> pXmlElAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"AuthenticationMethod"), bstrNamespace, &pXmlElAuthenticationMethod))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <AuthenticationMethod> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <AuthenticationMethod> element."));
return false;
}
@@ -584,7 +661,7 @@ namespace eap
return false;
if (FAILED(hr = pXmlElAuthenticationMethods->appendChild(pXmlElAuthenticationMethod, NULL))) {
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <AuthenticationMethod> element."), NULL);
*ppEapError = m_module.make_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <AuthenticationMethod> element."));
return false;
}
}
@@ -611,16 +688,39 @@ namespace eap
std::wstring lang;
LoadString(m_module.m_instance, 2, lang);
// <read-only>
if ((dwResult = eapxml::get_element_value(pConfigRoot, winstd::bstr(L"eap-metadata:read-only"), &m_read_only)) != ERROR_SUCCESS)
m_read_only = true;
// <ID>
m_id.clear();
eapxml::get_element_value(pConfigRoot, winstd::bstr(L"eap-metadata:ID"), m_id);
// <ProviderInfo>
m_name.clear();
m_help_email.clear();
m_help_web.clear();
m_help_phone.clear();
m_lbl_alt_credential.clear();
m_lbl_alt_identity.clear();
m_lbl_alt_password.clear();
winstd::com_obj<IXMLDOMElement> pXmlElProviderInfo;
if (eapxml::select_element(pConfigRoot, winstd::bstr(L"eap-metadata:ProviderInfo"), &pXmlElProviderInfo) == ERROR_SUCCESS) {
// <DisplayName>
eapxml::get_element_localized(pXmlElProviderInfo, winstd::bstr(L"eap-metadata:DisplayName"), lang.c_str(), m_name);
winstd::com_obj<IXMLDOMElement> pXmlElHelpdesk;
if (eapxml::select_element(pXmlElProviderInfo, winstd::bstr(L"eap-metadata:Helpdesk"), &pXmlElHelpdesk) == ERROR_SUCCESS) {
// <Helpdesk>/<EmailAddress>
eapxml::get_element_localized(pXmlElHelpdesk, winstd::bstr(L"eap-metadata:EmailAddress"), lang.c_str(), m_help_email);
// <Helpdesk>/<WebAddress>
eapxml::get_element_localized(pXmlElHelpdesk, winstd::bstr(L"eap-metadata:WebAddress"), lang.c_str(), m_help_web);
// <Helpdesk>/<Phone>
eapxml::get_element_localized(pXmlElHelpdesk, winstd::bstr(L"eap-metadata:Phone"), lang.c_str(), m_help_phone);
}
// <CredentialPrompt>
eapxml::get_element_localized(pXmlElProviderInfo, winstd::bstr(L"eap-metadata:CredentialPrompt"), lang.c_str(), m_lbl_alt_credential);
@@ -635,7 +735,7 @@ namespace eap
m_methods.clear();
winstd::com_obj<IXMLDOMNodeList> pXmlListMethods;
if ((dwResult = eapxml::select_nodes(pConfigRoot, winstd::bstr(L"eap-metadata:AuthenticationMethods/eap-metadata:AuthenticationMethod"), &pXmlListMethods)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <AuthenticationMethods>/<AuthenticationMethod> elements."), NULL);
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <AuthenticationMethods>/<AuthenticationMethod> elements."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
return false;
}
long lCount = 0;
@@ -669,7 +769,12 @@ namespace eap
/// @}
public:
bool m_read_only; ///< Is profile read-only
std::wstring m_id; ///< Profile ID
winstd::tstring m_name; ///< Provider name
winstd::tstring m_help_email; ///< Helpdesk e-mail
winstd::tstring m_help_web; ///< Helpdesk website URL
winstd::tstring m_help_phone; ///< Helpdesk phone
winstd::tstring m_lbl_alt_credential; ///< Alternative label for credential prompt
winstd::tstring m_lbl_alt_identity; ///< Alternative label for identity prompt
winstd::tstring m_lbl_alt_password; ///< Alternative label for password prompt
@@ -776,7 +881,7 @@ namespace eap
// Select <EAPIdentityProviderList> node.
winstd::com_obj<IXMLDOMNode> pXmlElIdentityProviderList;
if ((dwResult = eapxml::select_node(pConfigRoot, winstd::bstr(L"eap-metadata:EAPIdentityProviderList"), &pXmlElIdentityProviderList)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <EAPIdentityProviderList> element."), NULL);
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <EAPIdentityProviderList> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
return false;
}
@@ -784,7 +889,7 @@ namespace eap
// <EAPIdentityProvider>
winstd::com_obj<IXMLDOMElement> pXmlElIdentityProvider;
if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"EAPIdentityProvider"), bstrNamespace, &pXmlElIdentityProvider))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <EAPIdentityProvider> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <EAPIdentityProvider> element."));
return false;
}
@@ -793,7 +898,7 @@ namespace eap
return false;
if (FAILED(hr = pXmlElIdentityProviderList->appendChild(pXmlElIdentityProvider, NULL))) {
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <EAPIdentityProvider> element."), NULL);
*ppEapError = m_module.make_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <EAPIdentityProvider> element."));
return false;
}
}
@@ -821,7 +926,7 @@ namespace eap
// Iterate authentication providers (<EAPIdentityProvider>).
winstd::com_obj<IXMLDOMNodeList> pXmlListProviders;
if ((dwResult = eapxml::select_nodes(pConfigRoot, winstd::bstr(L"eap-metadata:EAPIdentityProviderList/eap-metadata:EAPIdentityProvider"), &pXmlListProviders)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <EAPIdentityProviderList><EAPIdentityProvider> elements."), NULL);
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <EAPIdentityProviderList><EAPIdentityProvider> elements."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
return false;
}
long lCount = 0;
@@ -887,7 +992,12 @@ namespace eapserial
template <class _Tmeth>
inline void pack(_Inout_ unsigned char *&cursor, _In_ const eap::config_provider<_Tmeth> &val)
{
pack(cursor, val.m_read_only );
pack(cursor, val.m_id );
pack(cursor, val.m_name );
pack(cursor, val.m_help_email );
pack(cursor, val.m_help_web );
pack(cursor, val.m_help_phone );
pack(cursor, val.m_lbl_alt_credential);
pack(cursor, val.m_lbl_alt_identity );
pack(cursor, val.m_lbl_alt_password );
@@ -899,7 +1009,12 @@ namespace eapserial
inline size_t get_pk_size(const eap::config_provider<_Tmeth> &val)
{
return
get_pk_size(val.m_read_only ) +
get_pk_size(val.m_id ) +
get_pk_size(val.m_name ) +
get_pk_size(val.m_help_email ) +
get_pk_size(val.m_help_web ) +
get_pk_size(val.m_help_phone ) +
get_pk_size(val.m_lbl_alt_credential) +
get_pk_size(val.m_lbl_alt_identity ) +
get_pk_size(val.m_lbl_alt_password ) +
@@ -910,7 +1025,12 @@ namespace eapserial
template <class _Tmeth>
inline void unpack(_Inout_ const unsigned char *&cursor, _Out_ eap::config_provider<_Tmeth> &val)
{
unpack(cursor, val.m_read_only );
unpack(cursor, val.m_id );
unpack(cursor, val.m_name );
unpack(cursor, val.m_help_email );
unpack(cursor, val.m_help_web );
unpack(cursor, val.m_help_phone );
unpack(cursor, val.m_lbl_alt_credential);
unpack(cursor, val.m_lbl_alt_identity );
unpack(cursor, val.m_lbl_alt_password );

5
lib/EAPBase/include/Credentials.h
View File

@@ -357,6 +357,11 @@ namespace eap
public:
winstd::sanitizing_wstring m_password; ///< Password
private:
/// \cond internal
static const unsigned char s_entropy[1024];
/// \endcond
};
}

257
lib/EAPBase/include/Module.h
View File

@@ -18,14 +18,6 @@
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#define ETW_ERROR(kw, f, ...) m_ep.write(TRACE_LEVEL_ERROR , kw, _T(__FUNCTION__) _T(" ") f, ##__VA_ARGS__)
#define ETW_WARNING(kw, f, ...) m_ep.write(TRACE_LEVEL_WARNING , kw, _T(__FUNCTION__) _T(" ") f, ##__VA_ARGS__)
#define ETW_INFO(kw, f, ...) m_ep.write(TRACE_LEVEL_INFORMATION, kw, _T(__FUNCTION__) _T(" ") f, ##__VA_ARGS__)
#define ETW_VERBOSE(kw, f, ...) m_ep.write(TRACE_LEVEL_VERBOSE , kw, _T(__FUNCTION__) _T(" ") f, ##__VA_ARGS__)
#define ETW_FN_VOID winstd::event_fn_auto < &EAPMETHOD_TRACE_EVT_FN_CALL, &EAPMETHOD_TRACE_EVT_FN_RETURN > _event_auto(m_ep, __FUNCTION__)
#define ETW_FN_DWORD(res) winstd::event_fn_auto_ret<DWORD , &EAPMETHOD_TRACE_EVT_FN_CALL, &EAPMETHOD_TRACE_EVT_FN_RETURN_DWORD > _event_auto(m_ep, __FUNCTION__, res)
#define ETW_FN_HRESULT(res) winstd::event_fn_auto_ret<HRESULT, &EAPMETHOD_TRACE_EVT_FN_CALL, &EAPMETHOD_TRACE_EVT_FN_RETURN_HRESULT> _event_auto(m_ep, __FUNCTION__, res)
namespace eap
{
///
@@ -54,8 +46,9 @@ namespace eap
#include "EAP.h"
#include <WinStd/Win.h>
#include <WinStd/Crypt.h>
#include <WinStd/ETW.h>
#include <WinStd/Win.h>
#include <Windows.h>
#include <eaptypes.h> // Must include after <Windows.h>
@@ -86,7 +79,7 @@ namespace eap
///
/// Allocate a EAP_ERROR and fill it according to dwErrorCode
///
EAP_ERROR* make_error(_In_ DWORD dwErrorCode, _In_ DWORD dwReasonCode, _In_ LPCGUID pRootCauseGuid, _In_ LPCGUID pRepairGuid, _In_ LPCGUID pHelpLinkGuid, _In_z_ LPCWSTR pszRootCauseString, _In_z_ LPCWSTR pszRepairString) const;
EAP_ERROR* make_error(_In_ DWORD dwErrorCode, _In_opt_z_ LPCWSTR pszRootCauseString = NULL, _In_opt_z_ LPCWSTR pszRepairString = NULL, _In_opt_ DWORD dwReasonCode = 0, _In_opt_ LPCGUID pRootCauseGuid = NULL, _In_opt_ LPCGUID pRepairGuid = NULL, _In_opt_ LPCGUID pHelpLinkGuid = NULL) const;
///
/// Allocate BLOB
@@ -105,6 +98,39 @@ namespace eap
/// @}
/// \name Logging
/// @{
///
/// Writes EAPMETHOD_TRACE_EVT_FN_CALL and returns auto event writer class
///
/// \param[in] pszFnName Function name
///
/// \returns A new auto event writer that writes EAPMETHOD_TRACE_EVT_FN_RETURN event on destruction
///
inline winstd::event_fn_auto get_event_fn_auto(_In_z_ LPCSTR pszFnName) const
{
return winstd::event_fn_auto(m_ep, &EAPMETHOD_TRACE_EVT_FN_CALL, &EAPMETHOD_TRACE_EVT_FN_RETURN, pszFnName);
}
///
/// Writes EAPMETHOD_TRACE_EVT_FN_CALL and returns auto event writer class
///
/// \param[in] pszFnName Function name
///
/// \returns A new auto event writer that writes EAPMETHOD_TRACE_EVT_FN_RETURN_DWORD event on destruction
///
inline winstd::event_fn_auto_ret<DWORD> get_event_fn_auto(_In_z_ LPCSTR pszFnName, _In_ DWORD &result) const
{
return winstd::event_fn_auto_ret<DWORD>(m_ep, &EAPMETHOD_TRACE_EVT_FN_CALL, &EAPMETHOD_TRACE_EVT_FN_RETURN_DWORD, pszFnName, result);
}
///
/// Logs error
///
void log_error(_In_ const EAP_ERROR *err) const;
/// @}
/// \name Encryption
/// @{
@@ -142,7 +168,7 @@ namespace eap
template<class _Elem, class _Traits, class _Ax>
bool encrypt(_In_ HCRYPTPROV hProv, _In_ const std::basic_string<_Elem, _Traits, _Ax> &val, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash = NULL) const
{
return encrypt(hProv, val.c_str(), val.length*sizeof(_Elem), enc, ppEapError, hHash);
return encrypt(hProv, val.c_str(), val.length()*sizeof(_Elem), enc, ppEapError, hHash);
}
@@ -243,32 +269,37 @@ namespace eap
{
assert(ppEapError);
// Import the private key.
// Import the private RSA key.
HRSRC res = FindResource(m_instance, MAKEINTRESOURCE(IDR_EAP_KEY_PRIVATE), RT_RCDATA);
assert(res);
HGLOBAL res_handle = LoadResource(m_instance, res);
assert(res_handle);
crypt_key key;
crypt_key key_rsa;
unique_ptr<unsigned char[], LocalFree_delete<unsigned char[]> > keyinfo_data;
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, (const BYTE*)::LockResource(res_handle), ::SizeofResource(m_instance, res), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."), NULL);
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."));
return false;
}
if (!key_rsa.import(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" Private key import failed."));
return false;
}
if (!key.import(hProv, keyinfo_data.get(), keyinfo_size, NULL, 0)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Private key import failed."), NULL);
// Import the 256-bit AES session key.
crypt_key key_aes;
if (!CryptImportKey(hProv, (LPCBYTE)data, 268, key_rsa, 0, &key_aes)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptImportKey failed."));
return false;
}
// Decrypt the data using our private key.
vector<unsigned char, sanitizing_allocator<unsigned char> > buf(size);
memcpy(buf.data(), data, size);
if (!CryptDecrypt(key, hHash, TRUE, 0, buf)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Decrypting password failed."), NULL);
// Decrypt the data using AES session key.
vector<unsigned char, sanitizing_allocator<unsigned char> > buf;
buf.assign((const unsigned char*)data + 268, (const unsigned char*)data + size);
if (!CryptDecrypt(key_aes, hHash, TRUE, 0, buf)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptDecrypt failed."));
return false;
}
dec.assign(buf.begin(), buf.end());
return true;
@@ -295,7 +326,7 @@ namespace eap
std::vector<_Elem, sanitizing_allocator<_Elem> > buf;
if (!decrypt(hProv, data, size, buf, ppEapError, hHash))
return false;
dec.assign((const _Elem*)buf.begin(), (const _Elem*)buf.end());
dec.assign(buf.data(), buf.size());
return true;
}
@@ -346,13 +377,13 @@ namespace eap
// Create hash.
crypt_hash hash;
if (!hash.create(hProv, CALG_MD5)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Creating MD5 hash failed."), NULL);
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" Creating MD5 hash failed."));
return false;
}
DWORD dwHashSize, dwHashSizeSize = sizeof(dwHashSize);
CryptGetHashParam(hash, HP_HASHSIZE, (LPBYTE)&dwHashSize, &dwHashSizeSize, 0);
if (size < dwHashSize) {
*ppEapError = make_error(ERROR_INVALID_DATA, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Encrypted data too short."), NULL);
*ppEapError = make_error(ERROR_INVALID_DATA, _T(__FUNCTION__) _T(" Encrypted data too short."));
return false;
}
size_t enc_size = size - dwHashSize;
@@ -364,11 +395,11 @@ namespace eap
// Calculate MD5 hash and verify it.
vector<unsigned char> hash_bin;
if (!CryptGetHashParam(hash, HP_HASHVAL, hash_bin, 0)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Calculating MD5 hash failed."), NULL);
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" Calculating MD5 hash failed."));
return false;
}
if (memcmp((unsigned char*)data + enc_size, hash_bin.data(), dwHashSize) != 0) {
*ppEapError = make_error(ERROR_INVALID_DATA, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Invalid encrypted data."), NULL);
*ppEapError = make_error(ERROR_INVALID_DATA, _T(__FUNCTION__) _T(" Invalid encrypted data."));
return false;
}
@@ -427,6 +458,129 @@ namespace eap
/// @}
/// \name BLOB management
/// @{
///
/// Unencrypts and unpacks the BLOB
///
/// \param[inout] record Object to unpack to
/// \param[in ] pDataIn Pointer to encrypted BLOB
/// \param[in ] dwDataInSize Size of \p pDataIn
/// \param[out ] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class T>
bool unpack(
_Inout_ T &record,
_In_count_(dwDataInSize) const BYTE *pDataIn,
_In_ DWORD dwDataInSize,
_Out_ EAP_ERROR **ppEapError)
{
#if 1
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptAcquireContext failed."));
return false;
}
// Decrypt data.
vector<unsigned char, sanitizing_allocator<unsigned char> > data;
if (!decrypt_md5(cp, pDataIn, dwDataInSize, data, ppEapError))
return false;
const unsigned char *cursor = data.data();
eapserial::unpack(cursor, record);
assert(cursor - data.data() <= (ptrdiff_t)data.size());
#else
UNREFERENCED_PARAMETER(ppEapError);
const unsigned char *cursor = pDataIn;
eapserial::unpack(cursor, record);
assert(cursor - pDataIn <= (ptrdiff_t)dwDataInSize);
#endif
return true;
}
///
/// Packs and encrypts to the BLOB
///
/// \param[in ] record Object to pack
/// \param[out] ppDataOut Pointer to pointer to receive encrypted BLOB. Pointer must be freed using `module::free_memory()`.
/// \param[out] pdwDataOutSize Pointer to \p ppDataOut size
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
template<class T>
bool pack(
_In_ const T &record,
_Out_ BYTE **ppDataOut,
_Out_ DWORD *pdwDataOutSize,
_Out_ EAP_ERROR **ppEapError)
{
#if 1
// Allocate BLOB.
std::vector<unsigned char, winstd::sanitizing_allocator<unsigned char> > data;
data.resize(eapserial::get_pk_size(record));
// Pack to BLOB.
unsigned char *cursor = data.data();
eapserial::pack(cursor, record);
data.resize(cursor - data.data());
// Prepare cryptographics provider.
winstd::crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptAcquireContext failed."));
return false;
}
// Encrypt BLOB.
std::vector<unsigned char> data_enc;
if (!encrypt_md5(cp, data.data(), data.size(), data_enc, ppEapError))
return false;
// Copy encrypted BLOB to output.
assert(ppDataOut);
assert(pdwDataOutSize);
*pdwDataOutSize = (DWORD)data_enc.size();
*ppDataOut = alloc_memory(*pdwDataOutSize);
if (!*ppDataOut) {
log_error(*ppEapError = g_peer.make_error(ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str()));
return false;
}
memcpy(*ppDataOut, data_enc.data(), *pdwDataOutSize);
#else
// Allocate BLOB.
assert(ppDataOut);
assert(pdwDataOutSize);
*pdwDataOutSize = (DWORD)eapserial::get_pk_size(record);
*ppDataOut = alloc_memory(*pdwDataOutSize);
if (!*ppDataOut) {
log_error(*ppEapError = g_peer.make_error(ERROR_OUTOFMEMORY, tstring_printf(_T(__FUNCTION__) _T(" Error allocating memory for BLOB (%uB)."), *pdwDataOutSize).c_str()));
return false;
}
// Pack to BLOB.
unsigned char *cursor = *ppDataOut;
eapserial::pack(cursor, record);
assert(cursor - *ppDataOut <= (ptrdiff_t)*pdwDataOutSize);
#endif
return true;
}
/// @}
public:
HINSTANCE m_instance; ///< Windows module instance
const type_t m_eap_method; ///< EAP method type
@@ -441,10 +595,15 @@ namespace eap
class peer_base : public module
{
public:
///
/// Provider configuration data type
///
typedef config_provider<_Tcfg> provider_config_type;
///
/// Configuration data type
///
typedef config_providers<config_provider<_Tcfg> > config_type;
typedef config_providers<provider_config_type> config_type;
///
/// Identity data type
@@ -510,17 +669,13 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ DWORD *pdwUserDataOutSize,
_Out_ BYTE **ppUserDataOut,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError) = 0;
_In_ DWORD dwFlags,
_In_ const config_type &cfg,
_Inout_ identity_type &usr,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError) = 0;
///
/// Defines the implementation of an EAP method-specific function that retrieves the properties of an EAP method given the connection and user data.
@@ -532,15 +687,13 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ DWORD dwEapConnDataSize,
_In_count_(dwEapConnDataSize) const BYTE *pEapConnData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const = 0;
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ const config_type &cfg,
_In_ const identity_type &usr,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const = 0;
///
/// Defines the implementation of an EAP method-specific function that obtains the EAP Single-Sign-On (SSO) credential input fields for an EAP method.
@@ -566,7 +719,7 @@ namespace eap
UNREFERENCED_PARAMETER(pEapConfigInputFieldsArray);
UNREFERENCED_PARAMETER(ppEapError);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
@@ -598,7 +751,7 @@ namespace eap
UNREFERENCED_PARAMETER(ppUserBlob);
UNREFERENCED_PARAMETER(ppEapError);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
@@ -628,7 +781,7 @@ namespace eap
UNREFERENCED_PARAMETER(ppEapError);
UNREFERENCED_PARAMETER(pvReserved);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
@@ -662,7 +815,7 @@ namespace eap
UNREFERENCED_PARAMETER(ppEapError);
UNREFERENCED_PARAMETER(ppvReserved);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
};

189
lib/EAPBase/include/Session.h
View File

@@ -23,7 +23,7 @@ namespace eap
///
/// EAP session
///
class session;
template <class _Tcfg, class _Tid, class _Tint, class _Tintres> class session;
}
#pragma once
@@ -40,29 +40,74 @@ extern "C" {
namespace eap
{
template <class _Tcfg, class _Tid, class _Tint, class _Tintres>
class session
{
public:
///
/// Provider configuration data type
///
typedef config_provider<_Tcfg> provider_config_type;
///
/// Configuration data type
///
typedef config_providers<provider_config_type> config_type;
///
/// Identity data type
///
typedef _Tid identity_type;
///
/// Interactive request data type
///
typedef _Tint interactive_request_type;
///
/// Interactive response data type
///
typedef _Tintres interactive_response_type;
public:
///
/// Constructs a session
///
/// \param[in] mod Reference of the EAP module to use for global services
///
session(_In_ module &mod);
session(_In_ module &mod) :
m_module(mod),
m_cfg(mod),
m_id(mod)
{
}
///
/// Copies session
///
/// \param[in] other Session to copy from
///
session(_In_ const session &other);
session(_In_ const session &other) :
m_module(other.m_module),
m_cfg(other.m_cfg),
m_id(other.m_id)
{
}
///
/// Moves session
///
/// \param[in] other Session to move from
///
session(_Inout_ session &&other);
session(_Inout_ session &&other) :
m_module(other.m_module),
m_cfg(std::move(other.m_cfg)),
m_id(std::move(other.m_id))
{
}
///
/// Copies session
@@ -71,7 +116,16 @@ namespace eap
///
/// \returns Reference to this object
///
session& operator=(_In_ const session &other);
session& operator=(_In_ const session &other)
{
if (this != std::addressof(other)) {
assert(std::addressof(m_module) ==std::addressof(other.m_module)); // Copy session within same module only!
m_cfg = other.m_cfg;
m_id = other.m_id;
}
return *this;
}
///
/// Moves session
@@ -80,7 +134,16 @@ namespace eap
///
/// \returns Reference to this object
///
session& operator=(_Inout_ session &&other);
session& operator=(_Inout_ session &&other)
{
if (this != std::addressof(other)) {
assert(std::addressof(m_module) ==std::addressof(other.m_module)); // Move session within same module only!
m_cfg = std::move(other.m_cfg);
m_id = std::move(other.m_id);
}
return *this;
}
/// \name Session start/end
/// @{
@@ -95,15 +158,21 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool begin(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ DWORD dwMaxSendPacketSize,
_Out_ EAP_ERROR **ppEapError);
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
_In_ DWORD dwMaxSendPacketSize,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(pAttributeArray);
UNREFERENCED_PARAMETER(hTokenImpersonateUser);
UNREFERENCED_PARAMETER(dwMaxSendPacketSize);
UNREFERENCED_PARAMETER(ppEapError);
return true;
}
///
/// Ends an EAP authentication session for the EAP method.
@@ -114,7 +183,12 @@ namespace eap
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool end(_Out_ EAP_ERROR **ppEapError);
virtual bool end(_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(ppEapError);
return true;
}
/// @}
@@ -134,7 +208,17 @@ namespace eap
_In_ DWORD dwReceivedPacketSize,
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_Out_ EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError);
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwReceivedPacketSize);
UNREFERENCED_PARAMETER(pReceivedPacket);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
///
/// Obtains a response packet from the EAP method.
@@ -148,7 +232,16 @@ namespace eap
virtual bool get_response_packet(
_Inout_ DWORD *pdwSendPacketSize,
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Out_ EAP_ERROR **ppEapError);
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwSendPacketSize);
UNREFERENCED_PARAMETER(pSendPacket);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
///
/// Obtains the result of an authentication session from the EAP method.
@@ -159,7 +252,15 @@ namespace eap
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError);
virtual bool get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(reason);
UNREFERENCED_PARAMETER(ppResult);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
/// @}
@@ -178,9 +279,16 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_ui_context(
_Out_ DWORD *pdwUIContextDataSize,
_Out_ BYTE **ppUIContextData,
_Out_ EAP_ERROR **ppEapError);
_Out_ interactive_request_type &req,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(req);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
///
/// Provides a user interface context to the EAP method.
@@ -194,10 +302,17 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool set_ui_context(
_In_ DWORD dwUIContextDataSize,
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_In_ const EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError);
_In_ const interactive_response_type &res,
_In_ const EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(res);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
/// @}
@@ -213,7 +328,15 @@ namespace eap
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError);
virtual bool get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
///
/// Provides an updated array of EAP response attributes to the EAP method.
@@ -224,11 +347,21 @@ namespace eap
/// - \c true if succeeded
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError);
virtual bool set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
/// @}
public:
module &m_module; ///< Reference of the EAP module
config_type m_cfg; ///< Session configuration
identity_type m_id; ///< User identity
};
}

145
lib/EAPBase/src/Credentials.cpp
View File

@@ -90,7 +90,7 @@ bool eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfi
// <UserName>
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"UserName"), bstrNamespace, bstr(m_identity))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <UserName> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <UserName> element."));
return false;
}
@@ -104,7 +104,7 @@ bool eap::credentials::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppE
DWORD dwResult;
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:UserName"), m_identity)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error reading <UserName> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error reading <UserName> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
return false;
}
@@ -183,7 +183,7 @@ bool eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"Password"), bstrNamespace, pass);
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
if (dwResult != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <Password> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <Password> element."));
return false;
}
@@ -201,7 +201,7 @@ bool eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR
bstr pass;
if ((dwResult = eapxml::get_element_value(pConfigRoot, bstr(L"eap-metadata:Password"), &pass)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error reading <Password> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error reading <Password> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
return false;
}
m_password = pass;
@@ -215,36 +215,24 @@ bool eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **
{
assert(pszTargetName);
assert(ppEapError);
string password_enc;
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return false;
}
// Encrypt password.
vector<unsigned char> password;
if (!m_module.encrypt_md5(cp, m_password, password, ppEapError))
return false;
// Convert encrypted password to Base64, since CredProtectA() fail for binary strings.
string password_base64;
base64_enc enc;
enc.encode(password_base64, password.data(), password.size());
// Convert password to UTF-8.
sanitizing_string cred_utf8;
WideCharToMultiByte(CP_UTF8, 0, m_password.c_str(), (int)m_password.length(), cred_utf8, NULL, NULL);
// Encrypt the password using user's key.
CRED_PROTECTION_TYPE cpt;
if (!CredProtectA(TRUE, password_base64.c_str(), (DWORD)password_base64.length(), password_enc, &cpt)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredProtect failed."), NULL);
DATA_BLOB cred_blob = { (DWORD)cred_utf8.size() , (LPBYTE)cred_utf8.data() };
DATA_BLOB entropy_blob = { sizeof(s_entropy), (LPBYTE)s_entropy };
data_blob cred_enc;
if (!CryptProtectData(&cred_blob, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, &cred_enc)) {
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptProtectData failed."));
return false;
}
tstring target(target_name(pszTargetName));
// Write credentials.
assert(password_enc.size() < CRED_MAX_CREDENTIAL_BLOB_SIZE);
assert(cred_enc.cbData < CRED_MAX_CREDENTIAL_BLOB_SIZE);
assert(m_identity.length() < CRED_MAX_USERNAME_LENGTH );
CREDENTIAL cred = {
0, // Flags
@@ -252,8 +240,8 @@ bool eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **
(LPTSTR)target.c_str(), // TargetName
_T(""), // Comment
{ 0, 0 }, // LastWritten
(DWORD)password_enc.size(), // CredentialBlobSize
(LPBYTE)password_enc.data(),// CredentialBlob
cred_enc.cbData, // CredentialBlobSize
cred_enc.pbData, // CredentialBlob
CRED_PERSIST_ENTERPRISE, // Persist
0, // AttributeCount
NULL, // Attributes
@@ -261,7 +249,7 @@ bool eap::credentials_pass::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **
(LPTSTR)m_identity.c_str() // UserName
};
if (!CredWrite(&cred, 0)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredWrite failed."), NULL);
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" CredWrite failed."));
return false;
}
@@ -276,32 +264,95 @@ bool eap::credentials_pass::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR
// Read credentials.
unique_ptr<CREDENTIAL, CredFree_delete<CREDENTIAL> > cred;
if (!CredRead(target_name(pszTargetName).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredRead failed."), NULL);
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" CredRead failed."));
return false;
}
m_identity = cred->UserName;
// Decrypt the password using user's key.
string password_base64;
if (!CredUnprotectA(TRUE, (LPCSTR)(cred->CredentialBlob), cred->CredentialBlobSize, password_base64)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredUnprotect failed."), NULL);
DATA_BLOB cred_enc = { cred->CredentialBlobSize, cred->CredentialBlob };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_int;
if (!CryptUnprotectData(&cred_enc, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN | CRYPTPROTECT_VERIFY_PROTECTION, &cred_int)) {
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptUnprotectData failed."));
return false;
}
// Convert Base64 to binary encrypted password, since CredProtectA() fail for binary strings.
vector<unsigned char> password;
base64_dec dec;
bool is_last;
dec.decode(password, is_last, password_base64.c_str(), password_base64.length());
// Convert password from UTF-8.
MultiByteToWideChar(CP_UTF8, 0, (LPCSTR)cred_int.pbData, (int)cred_int.cbData, m_password);
SecureZeroMemory(cred_int.pbData, cred_int.cbData);
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return false;
}
if (cred->UserName)
m_identity = cred->UserName;
else
m_identity.clear();
// Decrypt password.
return m_module.decrypt_md5(cp, password.data(), password.size(), m_password, ppEapError);
return true;
}
const unsigned char eap::credentials_pass::s_entropy[1024] = {
0x40, 0x88, 0xd3, 0x13, 0x81, 0x8a, 0xf6, 0x74, 0x55, 0x8e, 0xcc, 0x73, 0x2c, 0xf8, 0x93, 0x37,
0x4f, 0xeb, 0x1d, 0x66, 0xb7, 0xfb, 0x47, 0x75, 0xb4, 0xfd, 0x07, 0xbb, 0xf6, 0xb3, 0x05, 0x30,
0x4a, 0xc0, 0xff, 0x05, 0xbd, 0x1e, 0x2f, 0x55, 0xc8, 0x77, 0x70, 0x47, 0xc9, 0x85, 0x57, 0x22,
0x8e, 0x54, 0x0b, 0x4d, 0x26, 0x80, 0x11, 0x0c, 0x52, 0x55, 0xc2, 0x3b, 0x9b, 0xd2, 0x19, 0x61,
0xf1, 0x71, 0xf5, 0x4b, 0x49, 0x73, 0xf9, 0x6d, 0x44, 0xd2, 0x90, 0x92, 0x2d, 0xae, 0xc6, 0xbb,
0x3d, 0xfe, 0x52, 0x47, 0x82, 0xc1, 0xa9, 0xe1, 0x6a, 0xd1, 0xd2, 0x4e, 0x3d, 0x9b, 0x4e, 0xc0,
0x40, 0x36, 0x79, 0xd3, 0x88, 0xfc, 0x0b, 0x79, 0x8c, 0xb2, 0x9d, 0x74, 0x13, 0x29, 0x59, 0x0c,
0xe0, 0x87, 0x34, 0x7d, 0xc1, 0x30, 0xd4, 0xe9, 0x98, 0xd1, 0x3f, 0x82, 0xcb, 0x8b, 0x44, 0x09,
0x2d, 0xc5, 0x9e, 0x3d, 0x66, 0xe5, 0x1a, 0x9d, 0xa6, 0x87, 0x20, 0x7f, 0x55, 0xd7, 0x89, 0xf2,
0xbb, 0x5f, 0x00, 0xf9, 0x38, 0xd3, 0x49, 0x10, 0x6f, 0x3a, 0xab, 0x5d, 0x8f, 0x73, 0x8c, 0xbc,
0x6f, 0xf1, 0xef, 0x83, 0x43, 0xcb, 0xc9, 0xb7, 0x9f, 0x24, 0xe4, 0x91, 0x3a, 0xe6, 0xab, 0x6c,
0xf2, 0xfd, 0x66, 0xf0, 0xb1, 0x1a, 0xc8, 0xc4, 0x6b, 0x9d, 0xa7, 0x10, 0x7d, 0x30, 0x29, 0x1b,
0xe5, 0xfe, 0x1c, 0x97, 0x86, 0x1e, 0x80, 0xe5, 0x12, 0x0a, 0x2a, 0x0d, 0xd9, 0x4a, 0x35, 0xe5,
0xab, 0xdf, 0x61, 0x76, 0x4e, 0x36, 0xff, 0xb1, 0x26, 0x5e, 0x12, 0x7f, 0xdf, 0xd7, 0x98, 0x55,
0xf9, 0x89, 0x30, 0xcc, 0xe9, 0xf6, 0xd0, 0xc0, 0x69, 0xf4, 0x78, 0x81, 0x10, 0xeb, 0x34, 0xf3,
0x5a, 0x8a, 0x62, 0xd4, 0x97, 0xe6, 0xb7, 0x98, 0x86, 0x5f, 0xb6, 0xcb, 0x9c, 0xab, 0xd6, 0xe9,
0xda, 0x2b, 0x41, 0xbb, 0xa3, 0x37, 0x1f, 0x7d, 0x4e, 0x19, 0x13, 0xc3, 0xab, 0x23, 0x4d, 0xa6,
0x51, 0xa9, 0x07, 0x60, 0xb9, 0x0c, 0x49, 0xce, 0x40, 0x29, 0x15, 0x0d, 0x10, 0xde, 0xc9, 0x0c,
0x11, 0x91, 0xdc, 0xdf, 0xc8, 0xac, 0x13, 0xe5, 0xe9, 0x11, 0xdc, 0x47, 0xb7, 0xb3, 0xf5, 0xd0,
0xc4, 0x38, 0x10, 0x17, 0xf7, 0x93, 0x93, 0x6b, 0x56, 0x10, 0xc6, 0xa6, 0x4c, 0xf8, 0x9c, 0x52,
0xb7, 0xbd, 0x87, 0xe8, 0xff, 0x84, 0x01, 0xbb, 0x40, 0x84, 0x03, 0x19, 0x6f, 0xf7, 0x46, 0x6f,
0x10, 0xc0, 0x85, 0xdf, 0xfd, 0xad, 0x00, 0xf6, 0xd5, 0x05, 0x22, 0xf4, 0x28, 0x87, 0xf6, 0x0c,
0xca, 0xda, 0x9a, 0x67, 0x63, 0xa4, 0x2d, 0x4d, 0xa5, 0x06, 0xa1, 0x8b, 0x32, 0x9b, 0xb0, 0xed,
0x05, 0x8e, 0x36, 0xa4, 0xbe, 0xa0, 0x9c, 0x78, 0xfa, 0x2c, 0x9e, 0x99, 0x02, 0x50, 0x63, 0xd4,
0xd5, 0x4a, 0x9b, 0xc3, 0x81, 0x95, 0xab, 0x18, 0x47, 0x3d, 0x44, 0x15, 0x33, 0x79, 0xd0, 0x53,
0x4e, 0xfc, 0x2f, 0x66, 0xc9, 0x7c, 0xb9, 0xda, 0xa2, 0xce, 0xfa, 0x39, 0xea, 0x72, 0x2c, 0xe2,
0x5c, 0x1f, 0x7e, 0xcd, 0x2a, 0x3e, 0x11, 0x19, 0x06, 0xc7, 0x03, 0x89, 0x4c, 0xd3, 0x73, 0xea,
0xa5, 0x69, 0x1e, 0x68, 0x04, 0xcd, 0xbb, 0xc4, 0x74, 0x7b, 0x1e, 0x75, 0x6f, 0xf1, 0x89, 0xea,
0x21, 0xdf, 0x9e, 0x1b, 0x27, 0x4a, 0x20, 0xb4, 0x5b, 0x72, 0x68, 0x8e, 0x47, 0xe2, 0x18, 0x75,
0x36, 0x82, 0xae, 0xa9, 0xa9, 0x40, 0xe5, 0x19, 0xa7, 0xea, 0x48, 0xad, 0x26, 0x7c, 0x93, 0x3e,
0xbf, 0x48, 0x6c, 0x3e, 0x66, 0xf7, 0x3c, 0x8f, 0x3c, 0x0e, 0x77, 0xc8, 0xb5, 0x56, 0x3b, 0x3a,
0x25, 0x13, 0x49, 0xb4, 0xcc, 0xbb, 0x8e, 0x94, 0x73, 0xa4, 0x35, 0x16, 0x95, 0x74, 0xa5, 0x98,
0xa4, 0x61, 0xa2, 0x36, 0xaf, 0x7f, 0xdf, 0x04, 0xce, 0x34, 0xd3, 0xfc, 0x09, 0x83, 0x43, 0xc1,
0x7a, 0x22, 0xc7, 0xfa, 0x3d, 0x97, 0xce, 0xc0, 0xcd, 0x15, 0xa4, 0x97, 0xb4, 0xd4, 0x55, 0x51,
0xf1, 0xef, 0x81, 0x1a, 0xce, 0x1f, 0x5a, 0x2d, 0xba, 0xce, 0xec, 0xbd, 0x85, 0x57, 0x53, 0xc6,
0x2f, 0x2a, 0x84, 0xab, 0xf3, 0x6e, 0x3b, 0xac, 0xf8, 0x73, 0xf2, 0x20, 0x42, 0x6f, 0xc4, 0xe2,
0x20, 0xb7, 0xf8, 0x5e, 0xbd, 0xe7, 0xd2, 0x2b, 0xe6, 0x10, 0xc2, 0x66, 0xe7, 0x25, 0xf9, 0xb9,
0xcb, 0xe4, 0x85, 0xbd, 0xf9, 0x62, 0x10, 0xfd, 0x67, 0x8f, 0x3f, 0x15, 0x4b, 0x10, 0x9e, 0xde,
0x8a, 0x9c, 0xb5, 0x46, 0xb7, 0x96, 0xa8, 0x9d, 0xe8, 0xf1, 0xde, 0x34, 0xcf, 0x4c, 0xa4, 0xe6,
0x35, 0x24, 0xcf, 0x47, 0xc5, 0x2d, 0xf2, 0xe3, 0x15, 0xf3, 0x39, 0xb7, 0x45, 0x2c, 0x92, 0x23,
0x37, 0x28, 0xfa, 0x7b, 0x7b, 0xe9, 0xc3, 0x04, 0x57, 0x0c, 0x30, 0xab, 0x52, 0x3a, 0x1d, 0xf7,
0x3a, 0x7b, 0xa0, 0xf0, 0x22, 0x14, 0xa8, 0xc7, 0x4e, 0xd5, 0x8b, 0x9a, 0xac, 0x67, 0x33, 0x0a,
0xa2, 0xa4, 0x76, 0x65, 0x45, 0x48, 0x7d, 0x92, 0xd7, 0xdb, 0xb1, 0x51, 0xae, 0x5f, 0x95, 0x1c,
0x8c, 0xe0, 0xaa, 0x28, 0x72, 0xbb, 0x2d, 0x97, 0x65, 0xfb, 0x3f, 0x41, 0x06, 0x46, 0xd1, 0x8c,
0x99, 0x64, 0x0e, 0xc7, 0xf0, 0x82, 0x1f, 0x1e, 0x5e, 0x8a, 0xc8, 0x6e, 0x29, 0xf0, 0xa8, 0x38,
0xa5, 0x38, 0x12, 0xaa, 0x9d, 0x60, 0x3d, 0x40, 0xfc, 0x29, 0x17, 0xc5, 0xe1, 0x1d, 0xba, 0x14,
0x45, 0xf0, 0x16, 0x32, 0x8f, 0x37, 0x88, 0xad, 0x7c, 0x77, 0x57, 0x06, 0x89, 0x70, 0x1f, 0x0e,
0x88, 0x9d, 0x2b, 0x5f, 0x83, 0x69, 0xb0, 0x48, 0x03, 0x86, 0xe4, 0x2e, 0x1c, 0xfb, 0x85, 0xb1,
0xce, 0x1c, 0x0e, 0xe0, 0xd4, 0x17, 0x0f, 0xb2, 0xf1, 0x79, 0xde, 0x8f, 0xd2, 0x0a, 0xa5, 0x10,
0xee, 0x9e, 0x05, 0x57, 0x0d, 0x42, 0x21, 0xaa, 0x53, 0xb1, 0x53, 0xd9, 0x59, 0x8b, 0x43, 0x22,
0x82, 0xbe, 0xa3, 0x2a, 0x79, 0x89, 0x46, 0xc4, 0x18, 0x31, 0x3e, 0xd4, 0x3d, 0x79, 0x9b, 0x06,
0xde, 0x7e, 0xe5, 0x20, 0xdd, 0xae, 0x34, 0xa8, 0x31, 0xc2, 0xdf, 0x61, 0x6d, 0x1b, 0x47, 0xc4,
0xae, 0x25, 0x44, 0xa8, 0x79, 0x5c, 0x2b, 0x4a, 0x17, 0x6e, 0x7a, 0xe5, 0xf1, 0x48, 0x3f, 0x82,
0x24, 0x6a, 0xc5, 0xc1, 0xfc, 0x65, 0x61, 0xca, 0xe4, 0x89, 0x52, 0x14, 0xe4, 0xb3, 0x7a, 0x24,
0xc2, 0xe5, 0x59, 0x1d, 0x55, 0xa3, 0x95, 0x16, 0xe2, 0xcf, 0x07, 0xd8, 0xad, 0x9c, 0x30, 0xbe,
0x96, 0xee, 0x80, 0x54, 0x63, 0xe7, 0xd4, 0xa6, 0xac, 0xe8, 0x15, 0xd4, 0xfc, 0x7b, 0xf8, 0xee,
0x0e, 0x88, 0x51, 0xd9, 0xad, 0x6f, 0x0d, 0xea, 0x19, 0x3a, 0x1a, 0x20, 0xbc, 0x99, 0x59, 0xcc,
0xba, 0x19, 0xc8, 0x26, 0x79, 0x79, 0xe8, 0xf6, 0x3f, 0xa0, 0xdb, 0xa6, 0x52, 0x4d, 0xc0, 0x98,
0x22, 0xcf, 0x30, 0xae, 0xdf, 0x22, 0x94, 0x5c, 0x19, 0x01, 0xe3, 0xf0, 0x44, 0x23, 0xe5, 0xeb,
0x70, 0x1a, 0xd2, 0x7f, 0xe8, 0x91, 0x1b, 0x55, 0xe7, 0xcb, 0x0d, 0xc2, 0x53, 0xa0, 0xe6, 0x7a,
0x48, 0xab, 0x05, 0xbb, 0x55, 0x28, 0x98, 0x12, 0xe5, 0xd1, 0xd9, 0x44, 0xe9, 0xa8, 0x8d, 0xa4,
0x68, 0xc8, 0x21, 0xa8, 0xe9, 0x49, 0x46, 0x22, 0xce, 0x81, 0xfe, 0x4a, 0xe3, 0xa0, 0x1c, 0xb0,
0x30, 0x29, 0x39, 0x9a, 0xd6, 0xab, 0x2e, 0xc6, 0x42, 0x47, 0x5e, 0x54, 0xbb, 0x90, 0xe6, 0x98,
0xe6, 0x52, 0x58, 0x58, 0x1e, 0xd0, 0x00, 0x9c, 0x8f, 0x4a, 0x17, 0x7e, 0x8a, 0x5a, 0xef, 0x3e,
};

90
lib/EAPBase/src/Module.cpp
View File

@@ -33,7 +33,7 @@ eap::module::module(type_t eap_method) :
m_instance(NULL)
{
m_ep.create(&EAPMETHOD_TRACE_EVENT_PROVIDER);
m_ep.write(&EAPMETHOD_TRACE_EVT_MODULE_LOAD, event_data((BYTE)m_eap_method), event_data::blank);
m_ep.write(&EAPMETHOD_TRACE_EVT_MODULE_LOAD, event_data((DWORD)m_eap_method), event_data::blank);
m_heap.create(0, 0, 0);
}
@@ -41,17 +41,17 @@ eap::module::module(type_t eap_method) :
eap::module::~module()
{
m_ep.write(&EAPMETHOD_TRACE_EVT_MODULE_UNLOAD, event_data((BYTE)m_eap_method), event_data::blank);
m_ep.write(&EAPMETHOD_TRACE_EVT_MODULE_UNLOAD, event_data((DWORD)m_eap_method), event_data::blank);
}
EAP_ERROR* eap::module::make_error(_In_ DWORD dwErrorCode, _In_ DWORD dwReasonCode, _In_ LPCGUID pRootCauseGuid, _In_ LPCGUID pRepairGuid, _In_ LPCGUID pHelpLinkGuid, _In_z_ LPCWSTR pszRootCauseString, _In_z_ LPCWSTR pszRepairString) const
EAP_ERROR* eap::module::make_error(_In_ DWORD dwErrorCode, _In_opt_z_ LPCWSTR pszRootCauseString, _In_opt_z_ LPCWSTR pszRepairString, _In_opt_ DWORD dwReasonCode, _In_opt_ LPCGUID pRootCauseGuid, _In_opt_ LPCGUID pRepairGuid, _In_opt_ LPCGUID pHelpLinkGuid) const
{
// Calculate memory size requirement.
SIZE_T
nRootCauseSize = pszRootCauseString != NULL && pszRootCauseString[0] ? (wcslen(pszRootCauseString) + 1)*sizeof(WCHAR) : 0,
nRepairStringSize = pszRepairString != NULL && pszRepairString [0] ? (wcslen(pszRepairString ) + 1)*sizeof(WCHAR) : 0,
nEapErrorSize = sizeof(EAP_ERROR) + nRootCauseSize + nRepairStringSize;
nEapErrorSize = sizeof(EAP_ERROR) + nRootCauseSize + nRepairStringSize;
EAP_ERROR *pError = (EAP_ERROR*)HeapAlloc(m_heap, 0, nEapErrorSize);
if (!pError)
@@ -81,19 +81,6 @@ EAP_ERROR* eap::module::make_error(_In_ DWORD dwErrorCode, _In_ DWORD dwReasonCo
} else
pError->pRepairString = NULL;
// Write trace event.
vector<EVENT_DATA_DESCRIPTOR> evt_desc;
evt_desc.reserve(8);
evt_desc.push_back(event_data(pError->dwWinError));
evt_desc.push_back(event_data(pError->type.eapType.type));
evt_desc.push_back(event_data(pError->dwReasonCode));
evt_desc.push_back(event_data(&(pError->rootCauseGuid), sizeof(GUID)));
evt_desc.push_back(event_data(&(pError->repairGuid), sizeof(GUID)));
evt_desc.push_back(event_data(&(pError->helpLinkGuid), sizeof(GUID)));
evt_desc.push_back(event_data(pError->pRootCauseString));
evt_desc.push_back(event_data(pError->pRepairString));
m_ep.write(&EAPMETHOD_TRACE_EAP_ERROR, (ULONG)evt_desc.size(), evt_desc.data());
return pError;
}
@@ -106,8 +93,6 @@ BYTE* eap::module::alloc_memory(_In_ size_t size)
void eap::module::free_memory(_In_ BYTE *ptr)
{
ETW_FN_VOID;
// Since we do security here and some of the BLOBs contain credentials, sanitize every memory block before freeing.
SecureZeroMemory(ptr, HeapSize(m_heap, 0, ptr));
HeapFree(m_heap, 0, ptr);
@@ -116,50 +101,81 @@ void eap::module::free_memory(_In_ BYTE *ptr)
void eap::module::free_error_memory(_In_ EAP_ERROR *err)
{
ETW_FN_VOID;
// pRootCauseString and pRepairString always trail the ppEapError to reduce number of (de)allocations.
HeapFree(m_heap, 0, err);
}
void eap::module::log_error(_In_ const EAP_ERROR *err) const
{
assert(err);
// Write trace event.
vector<EVENT_DATA_DESCRIPTOR> evt_desc;
evt_desc.reserve(8);
evt_desc.push_back(event_data(err->dwWinError));
DWORD dwType = err->type.eapType.type;
evt_desc.push_back(event_data(dwType));
evt_desc.push_back(event_data(err->dwReasonCode));
evt_desc.push_back(event_data(&(err->rootCauseGuid), sizeof(GUID)));
evt_desc.push_back(event_data(&(err->repairGuid), sizeof(GUID)));
evt_desc.push_back(event_data(&(err->helpLinkGuid), sizeof(GUID)));
evt_desc.push_back(event_data(err->pRootCauseString));
evt_desc.push_back(event_data(err->pRepairString));
m_ep.write(&EAPMETHOD_TRACE_EAP_ERROR, (ULONG)evt_desc.size(), evt_desc.data());
}
bool eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash) const
{
assert(ppEapError);
// Import the public key.
// Generate 256-bit AES session key.
crypt_key key_aes;
if (!CryptGenKey(hProv, CALG_AES_256, MAKELONG(CRYPT_EXPORTABLE, 256), &key_aes)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptGenKey failed."));
return false;
}
// Import the public RSA key.
HRSRC res = FindResource(m_instance, MAKEINTRESOURCE(IDR_EAP_KEY_PUBLIC), RT_RCDATA);
assert(res);
HGLOBAL res_handle = LoadResource(m_instance, res);
assert(res_handle);
crypt_key key;
crypt_key key_rsa;
unique_ptr<CERT_PUBLIC_KEY_INFO, LocalFree_delete<CERT_PUBLIC_KEY_INFO> > keyinfo_data;
DWORD keyinfo_size = 0;
if (!CryptDecodeObjectEx(X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, (const BYTE*)::LockResource(res_handle), ::SizeofResource(m_instance, res), CRYPT_DECODE_ALLOC_FLAG, NULL, &keyinfo_data, &keyinfo_size)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."), NULL);
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptDecodeObjectEx failed."));
return false;
}
if (!key_rsa.import_public(hProv, X509_ASN_ENCODING, keyinfo_data.get())) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" Public key import failed."));
return false;
}
if (!key.import_public(hProv, X509_ASN_ENCODING, keyinfo_data.get())) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Public key import failed."), NULL);
// Export AES session key encrypted with public RSA key.
vector<unsigned char, sanitizing_allocator<unsigned char> > buf;
if (!CryptExportKey(key_aes, key_rsa, SIMPLEBLOB, 0, buf)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptExportKey failed."));
return false;
}
enc.assign(buf.begin(), buf.end());
// Pre-allocate memory to allow space, as encryption will grow the data.
buf.assign((const unsigned char*)data, (const unsigned char*)data + size);
DWORD dwBlockLen;
vector<unsigned char, sanitizing_allocator<unsigned char> > buf(size);
memcpy(buf.data(), data, size);
if (!CryptGetKeyParam(key, KP_BLOCKLEN, dwBlockLen, 0)) dwBlockLen = 0;
buf.reserve((size + dwBlockLen - 1) / dwBlockLen * dwBlockLen);
if (!CryptGetKeyParam(key_aes, KP_BLOCKLEN, dwBlockLen, 0)) dwBlockLen = 0;
buf.reserve((size + dwBlockLen) / dwBlockLen * dwBlockLen);
// Encrypt the data using our public key.
if (!CryptEncrypt(key, hHash, TRUE, 0, buf)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Encrypting data failed."), NULL);
// Encrypt the data using AES key.
if (!CryptEncrypt(key_aes, hHash, TRUE, 0, buf)) {
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptEncrypt failed."));
return false;
}
// Copy encrypted data.
enc.assign(buf.begin(), buf.end());
// Append encrypted data.
enc.insert(enc.cend(), buf.begin(), buf.end());
return true;
}
@@ -169,7 +185,7 @@ bool eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const
// Create hash.
crypt_hash hash;
if (!hash.create(hProv, CALG_MD5)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Creating MD5 hash failed."), NULL);
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" Creating MD5 hash failed."));
return false;
}
@@ -180,7 +196,7 @@ bool eap::module::encrypt_md5(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const
// Calculate MD5 hash.
vector<unsigned char> hash_bin;
if (!CryptGetHashParam(hash, HP_HASHVAL, hash_bin, 0)) {
*ppEapError = make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Calculating MD5 hash failed."), NULL);
*ppEapError = make_error(GetLastError(), _T(__FUNCTION__) _T(" Calculating MD5 hash failed."));
return false;
}

187
lib/EAPBase/src/Session.cpp
View File

@@ -1,187 +0,0 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
using namespace std;
using namespace winstd;
//////////////////////////////////////////////////////////////////////
// eap::session
//////////////////////////////////////////////////////////////////////
eap::session::session(_In_ module &mod) :
m_module(mod)
{
}
eap::session::session(_In_ const session &other) :
m_module(other.m_module)
{
}
eap::session::session(_Inout_ session &&other) :
m_module(other.m_module)
{
}
eap::session& eap::session::operator=(_In_ const session &other)
{
UNREFERENCED_PARAMETER(other);
assert(&m_module == &other.m_module); // Copy session within same module only!
return *this;
}
eap::session& eap::session::operator=(_Inout_ session &&other)
{
UNREFERENCED_PARAMETER(other);
assert(&m_module == &other.m_module); // Move session within same module only!
return *this;
}
bool eap::session::begin(
_In_ DWORD dwFlags,
_In_ const EapAttributes *pAttributeArray,
_In_ HANDLE hTokenImpersonateUser,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ DWORD dwMaxSendPacketSize,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(pAttributeArray);
UNREFERENCED_PARAMETER(hTokenImpersonateUser);
UNREFERENCED_PARAMETER(dwConnectionDataSize);
UNREFERENCED_PARAMETER(pConnectionData);
UNREFERENCED_PARAMETER(dwUserDataSize);
UNREFERENCED_PARAMETER(pUserData);
UNREFERENCED_PARAMETER(dwMaxSendPacketSize);
UNREFERENCED_PARAMETER(ppEapError);
return true;
}
bool eap::session::end(_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(ppEapError);
return true;
}
bool eap::session::process_request_packet(
_In_ DWORD dwReceivedPacketSize,
_In_bytecount_(dwReceivedPacketSize) const EapPacket *pReceivedPacket,
_Out_ EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwReceivedPacketSize);
UNREFERENCED_PARAMETER(pReceivedPacket);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
bool eap::session::get_response_packet(
_Inout_ DWORD *pdwSendPacketSize,
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwSendPacketSize);
UNREFERENCED_PARAMETER(pSendPacket);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
bool eap::session::get_result(_In_ EapPeerMethodResultReason reason, _Out_ EapPeerMethodResult *ppResult, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(reason);
UNREFERENCED_PARAMETER(ppResult);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
bool eap::session::get_ui_context(
_Out_ DWORD *pdwUIContextDataSize,
_Out_ BYTE **ppUIContextData,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pdwUIContextDataSize);
UNREFERENCED_PARAMETER(ppUIContextData);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
bool eap::session::set_ui_context(
_In_ DWORD dwUIContextDataSize,
_In_count_(dwUIContextDataSize) const BYTE *pUIContextData,
_In_ const EapPeerMethodOutput *pEapOutput,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwUIContextDataSize);
UNREFERENCED_PARAMETER(pUIContextData);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
bool eap::session::get_response_attributes(_Out_ EapAttributes *pAttribs, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}
bool eap::session::set_response_attributes(const _In_ EapAttributes *pAttribs, _Out_ EapPeerMethodOutput *pEapOutput, _Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(pAttribs);
UNREFERENCED_PARAMETER(pEapOutput);
assert(ppEapError);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
return false;
}

359
lib/EAPBase_UI/include/EAP_UI.h
View File

@@ -18,6 +18,7 @@
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include <wx/hyperlink.h>
#include <wx/icon.h>
#include <wx/statbmp.h>
#include <Windows.h>
@@ -26,32 +27,37 @@
///
/// EAP configuration dialog
///
template <class _Tcfg, class _wxT> class wxEAPConfigDialog;
template <class _Tmeth, class _wxT> class wxEAPConfigDialog;
///
/// EAP credentials dialog
///
class wxEAPCredentialsDialog;
template <class _Tprov> class wxEAPCredentialsDialog;
///
/// EAP dialog banner
///
class wxEAPBannerPanel;
///
/// EAP Provider-locked congifuration note
///
template <class _Tprov> class wxEAPProviderLocked;
///
/// Base template for credentials configuration panel
///
template <class _Tcfg, class _Tcred, class _Tpanel> class wxEAPCredentialsConfigPanel;
template <class _Tprov, class _Tmeth, class _wxT> class wxEAPCredentialsConfigPanel;
///
/// Base template for all credential panels
///
template <class _Tbase, class _Tcred> class wxCredentialsPanel;
template <class _Tcred, class _Tbase> class wxCredentialsPanel;
///
/// Password credentials panel
///
class wxPasswordCredentialsPanel;
template <class _Tprov> class wxPasswordCredentialsPanel;
///
/// Sets icon from resource
@@ -115,6 +121,7 @@ public:
for (; method != method_end; ++method, count++)
m_providers->AddPage(
new _wxT(
*provider,
provider->m_methods.front(),
provider->m_id.c_str(),
m_providers),
@@ -147,22 +154,50 @@ protected:
};
template <class _Tprov>
class wxEAPCredentialsDialog : public wxEAPCredentialsDialogBase
{
public:
///
/// Constructs a credential dialog
///
wxEAPCredentialsDialog(wxWindow* parent);
wxEAPCredentialsDialog(_Tprov &prov, wxWindow* parent) : wxEAPCredentialsDialogBase(parent)
{
// Set extra style here, as wxFormBuilder overrides all default flags.
this->SetExtraStyle(this->GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY);
// Set banner title.
m_banner->m_title->SetLabel(wxString::Format(_("%s Credentials"), prov.m_id.c_str()));
m_buttonsOK->SetDefault();
}
///
/// Adds panels to the dialog
///
void AddContents(wxPanel **contents, size_t content_count);
void AddContents(wxPanel **contents, size_t content_count)
{
if (content_count) {
for (size_t i = 0; i < content_count; i++)
m_panels->Add(contents[i], 0, wxALL|wxEXPAND, 5);
this->Layout();
this->GetSizer()->Fit(this);
contents[0]->SetFocusFromKbd();
}
}
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
virtual void OnInitDialog(wxInitDialogEvent& event)
{
for (wxSizerItemList::compatibility_iterator panel = m_panels->GetChildren().GetFirst(); panel; panel = panel->GetNext())
panel->GetData()->GetWindow()->GetEventHandler()->ProcessEvent(event);
}
/// \endcond
};
@@ -182,18 +217,132 @@ protected:
};
template <class _Tcfg, class _Tcred, class _Tpanel>
template <class _Tprov>
class wxEAPProviderLocked : public wxEAPProviderLockedBase
{
public:
///
/// Constructs a notice pannel and set the title text
///
wxEAPProviderLocked(_Tprov &prov, wxWindow* parent) :
m_prov(prov),
wxEAPProviderLockedBase(parent)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_provider_locked_icon, m_icon, m_shell32, MAKEINTRESOURCE(48));
m_provider_locked_label->SetLabel(wxString::Format(_("%s has pre-set parts of this configuration. Those parts are locked to prevent accidental modification."),
!m_prov.m_name.empty() ? m_prov.m_name.c_str() :
!m_prov.m_id .empty() ? winstd::string_printf(_("Your %ls provider"), m_prov.m_id.c_str()).c_str() : _("Your provider")));
m_provider_locked_label->Wrap(452);
if (!m_prov.m_help_email.empty() || !m_prov.m_help_web.empty() || !m_prov.m_help_phone.empty()) {
wxStaticText *provider_notice = new wxStaticText(this, wxID_ANY, wxString::Format(_("For additional help and instructions, please contact %s at:"),
!m_prov.m_name.empty() ? m_prov.m_name.c_str() :
!m_prov.m_id .empty() ? winstd::string_printf(_("your %ls provider"), m_prov.m_id.c_str()).c_str() : _("your provider")), wxDefaultPosition, wxDefaultSize, 0);
provider_notice->Wrap(452);
m_provider_locked_vert->Add(provider_notice, 0, wxUP|wxLEFT|wxRIGHT|wxEXPAND, 5);
wxFlexGridSizer* sb_contact_tbl;
sb_contact_tbl = new wxFlexGridSizer(0, 2, 5, 5);
sb_contact_tbl->AddGrowableCol(1);
sb_contact_tbl->SetFlexibleDirection(wxBOTH);
sb_contact_tbl->SetNonFlexibleGrowMode(wxFLEX_GROWMODE_SPECIFIED);
wxFont font_wingdings(-1, wxFONTFAMILY_DEFAULT, wxFONTSTYLE_NORMAL, wxFONTWEIGHT_NORMAL, false, wxT("Wingdings"));
if (!m_prov.m_help_web.empty()) {
wxStaticText *label = new wxStaticText(this, wxID_ANY, wxT("\xb6"), wxDefaultPosition, wxDefaultSize, 0);
label->Wrap(-1);
label->SetFont(font_wingdings);
sb_contact_tbl->Add(label, 0, wxEXPAND|wxALIGN_TOP, 5);
wxHyperlinkCtrl *value = new wxHyperlinkCtrl(this, wxID_ANY, m_prov.m_help_web, m_prov.m_help_web, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE);
value->SetToolTip(_("Open the default web browser"));
sb_contact_tbl->Add(value, 0, wxEXPAND|wxALIGN_TOP, 5);
}
if (!m_prov.m_help_email.empty()) {
wxStaticText *label = new wxStaticText(this, wxID_ANY, wxT("\x2a"), wxDefaultPosition, wxDefaultSize, 0);
label->Wrap(-1);
label->SetFont(font_wingdings);
sb_contact_tbl->Add(label, 0, wxEXPAND|wxALIGN_TOP, 5);
wxHyperlinkCtrl *value = new wxHyperlinkCtrl(this, wxID_ANY, m_prov.m_help_email, wxString(wxT("mailto:")) + m_prov.m_help_email, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE);
value->SetToolTip(_("Open your e-mail program"));
sb_contact_tbl->Add(value, 0, wxEXPAND|wxALIGN_TOP, 5);
}
if (!m_prov.m_help_phone.empty()) {
wxStaticText *label = new wxStaticText(this, wxID_ANY, wxT("\x29"), wxDefaultPosition, wxDefaultSize, 0);
label->Wrap(-1);
label->SetFont(font_wingdings);
sb_contact_tbl->Add(label, 0, wxEXPAND|wxALIGN_TOP, 5);
wxHyperlinkCtrl *value = new wxHyperlinkCtrl(this, wxID_ANY, m_prov.m_help_phone, wxString(wxT("tel:")) + GetPhoneNumber(m_prov.m_help_phone.c_str()), wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE);
value->SetToolTip(_("Dial the phone number"));
sb_contact_tbl->Add(value, 0, wxEXPAND|wxALIGN_TOP, 5);
}
m_provider_locked_vert->Add(sb_contact_tbl, 0, wxLEFT|wxRIGHT|wxDOWN|wxEXPAND, 5);
}
this->Layout();
}
protected:
/// \cond internal
virtual bool AcceptsFocusFromKeyboard() const
{
return !m_prov.m_help_email.empty() || !m_prov.m_help_web.empty() || !m_prov.m_help_phone.empty();
}
template<class _Elem, class _Traits, class _Ax>
static std::basic_string<_Elem, _Traits, _Ax> GetPhoneNumber(_In_z_ const _Elem *num)
{
assert(num);
std::basic_string<_Elem, _Traits, _Ax> str;
for (; *num; num++) {
_Elem c = *num;
if ('0' <= c && c <= '9' || c == '+' || c == '*' || c == '#')
str += c;
}
return str;
}
template<class _Elem>
static std::basic_string<_Elem, std::char_traits<_Elem>, std::allocator<_Elem> > GetPhoneNumber(_In_z_ const _Elem *num)
{
return GetPhoneNumber<_Elem, std::char_traits<_Elem>, std::allocator<_Elem> >(num);
}
/// \endcond
protected:
_Tprov &m_prov; ///< EAP provider
winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon
};
template <class _Tprov, class _Tmeth, class _wxT>
class wxEAPCredentialsConfigPanel : public wxEAPCredentialsConfigPanelBase
{
public:
///
/// Constructs a credential configuration panel
///
/// \param[inout] prov Provider configuration data
/// \param[inout] cfg Configuration data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window
///
wxEAPCredentialsConfigPanel(_Tcfg &cfg, LPCTSTR pszCredTarget, wxWindow *parent) :
wxEAPCredentialsConfigPanel(_Tprov &prov, _Tmeth &cfg, LPCTSTR pszCredTarget, wxWindow *parent) :
m_prov(prov),
m_cfg(cfg),
m_target(pszCredTarget),
m_cred(m_cfg.m_module),
@@ -201,7 +350,7 @@ public:
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_credentials_icon, m_icon, m_shell32, MAKEINTRESOURCE(48));
wxSetIconFromResource(m_credentials_icon, m_icon, m_shell32, MAKEINTRESOURCE(/*16770*/269));
}
protected:
@@ -209,29 +358,41 @@ protected:
virtual bool TransferDataToWindow()
{
wxCHECK(wxEAPCredentialsConfigPanelBase::TransferDataToWindow(), false);
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_own ->Enable(false);
m_preshared ->Enable(false);
m_preshared_identity->Enable(false);
m_preshared_set ->Enable(false);
}
if (!m_cfg.m_use_preshared) {
m_own->SetValue(true);
m_cred.clear();
} else {
m_preshared->SetValue(true);
m_cred = m_cfg.m_preshared;
}
return true;
return wxEAPCredentialsConfigPanelBase::TransferDataToWindow();
}
virtual bool TransferDataFromWindow()
{
if (m_own->GetValue()) {
m_cfg.m_use_preshared = false;
} else {
m_cfg.m_use_preshared = true;
m_cfg.m_preshared = m_cred;
wxCHECK(wxEAPCredentialsConfigPanelBase::TransferDataFromWindow(), false);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Save the data.
if (m_own->GetValue()) {
m_cfg.m_use_preshared = false;
} else {
m_cfg.m_use_preshared = true;
m_cfg.m_preshared = m_cred;
}
}
return wxEAPCredentialsConfigPanelBase::TransferDataFromWindow();
return true;
}
@@ -240,33 +401,48 @@ protected:
UNREFERENCED_PARAMETER(event);
DWORD dwResult;
bool has_own;
std::unique_ptr<CREDENTIAL, winstd::CredFree_delete<CREDENTIAL> > cred;
if (CredRead(m_cred.target_name(m_target.c_str()).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred)) {
m_identity_own->SetValue(cred->UserName && cred->UserName[0] != 0 ? cred->UserName : _("<blank>"));
has_own = true;
} else if ((dwResult = GetLastError()) == ERROR_NOT_FOUND) {
m_identity_own->Clear();
has_own = false;
if (m_cfg.m_allow_save) {
bool has_own;
std::unique_ptr<CREDENTIAL, winstd::CredFree_delete<CREDENTIAL> > cred;
if (CredRead(m_cred.target_name(m_target.c_str()).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred)) {
m_own_identity->SetValue(cred->UserName && cred->UserName[0] != 0 ? cred->UserName : _("<blank>"));
has_own = true;
} else if ((dwResult = GetLastError()) == ERROR_NOT_FOUND) {
m_own_identity->Clear();
has_own = false;
} else {
m_own_identity->SetValue(wxString::Format(_("<error %u>"), dwResult));
has_own = true;
}
if (m_own->GetValue()) {
m_own_identity->Enable(true);
m_own_set ->Enable(true);
m_own_clear ->Enable(has_own);
} else {
m_own_identity->Enable(false);
m_own_set ->Enable(false);
m_own_clear ->Enable(false);
}
} else {
m_identity_own->SetValue(wxString::Format(_("<error %u>"), dwResult));
has_own = true;
m_own_identity->Clear();
m_own_identity->Enable(false);
m_own_set ->Enable(false);
m_own_clear ->Enable(false);
}
if (m_own->GetValue()) {
m_identity_own ->Enable(true);
m_set_own ->Enable(true);
m_clear_own ->Enable(has_own);
m_identity_preshared->Enable(false);
m_identity_preshared->SetValue(wxEmptyString);
m_set_preshared ->Enable(false);
} else {
m_identity_own ->Enable(false);
m_set_own ->Enable(false);
m_clear_own ->Enable(false);
m_identity_preshared->Enable(true);
m_identity_preshared->SetValue(!m_cred.empty() ? m_cred.m_identity : _("<blank>"));
m_set_preshared ->Enable(true);
m_preshared_identity->SetValue(!m_cred.empty() ? m_cred.m_identity : _("<blank>"));
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Selectively enable/disable controls.
if (m_own->GetValue()) {
m_preshared_identity->Enable(false);
m_preshared_set ->Enable(false);
} else {
m_preshared_identity->Enable(true);
m_preshared_set ->Enable(true);
}
}
}
@@ -275,9 +451,9 @@ protected:
{
UNREFERENCED_PARAMETER(event);
wxEAPCredentialsDialog dlg(this);
wxEAPCredentialsDialog<_Tprov> dlg(m_prov, this);
_Tpanel *panel = new _Tpanel(m_cred, m_target.c_str(), &dlg, true);
_wxT *panel = new _wxT(m_prov, m_cred, m_target.c_str(), &dlg, true);
dlg.AddContents((wxPanel**)&panel, 1);
dlg.ShowModal();
@@ -297,9 +473,9 @@ protected:
{
UNREFERENCED_PARAMETER(event);
wxEAPCredentialsDialog dlg(this);
wxEAPCredentialsDialog<_Tprov> dlg(m_prov, this);
_Tpanel *panel = new _Tpanel(m_cred, _T(""), &dlg, true);
_wxT *panel = new _wxT(m_prov, m_cred, _T(""), &dlg, true);
dlg.AddContents((wxPanel**)&panel, 1);
dlg.ShowModal();
@@ -308,17 +484,18 @@ protected:
/// \endcond
protected:
_Tcfg &m_cfg; ///< EAP configuration
winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon
winstd::tstring m_target; ///< Credential Manager target
_Tprov &m_prov; ///< EAP provider
_Tmeth &m_cfg; ///< EAP configuration
winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon
winstd::tstring m_target; ///< Credential Manager target
private:
_Tcred m_cred; ///< Temporary credential data
typename _Tmeth::credentials_type m_cred; ///< Temporary credential data
};
template <class _Tbase, class _Tcred>
template <class _Tcred, class _Tbase>
class wxCredentialsPanel : public _Tbase
{
public:
@@ -348,8 +525,6 @@ protected:
virtual bool TransferDataToWindow()
{
wxCHECK(_Tbase::TransferDataToWindow(), false);
if (!m_target.empty()) {
// Read credentials from Credential Manager
EAP_ERROR *pEapError;
@@ -363,12 +538,14 @@ protected:
wxLogError(_("Reading credentials failed."));
}
return true;
return _Tbase::TransferDataToWindow();
}
virtual bool TransferDataFromWindow()
{
wxCHECK(_Tbase::TransferDataFromWindow(), false);
if (!m_target.empty()) {
// Write credentials to credential manager.
if (m_remember->GetValue()) {
@@ -383,7 +560,7 @@ protected:
}
}
return _Tbase::TransferDataFromWindow();
return true;
}
/// \endcond
@@ -394,23 +571,79 @@ protected:
};
class wxPasswordCredentialsPanel : public wxCredentialsPanel<wxPasswordCredentialsPanelBase, eap::credentials_pass>
template <class _Tprov>
class wxPasswordCredentialsPanel : public wxCredentialsPanel<eap::credentials_pass, wxPasswordCredentialsPanelBase>
{
public:
///
/// Constructs a password credentials panel
///
/// \param[inout] prov EAP provider
/// \param[inout] cred Credentials data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window
/// \param[in] is_config Is this panel used to pre-enter credentials? When \c true, the "Remember" checkbox is always selected and disabled.
///
wxPasswordCredentialsPanel(eap::credentials_pass &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false);
wxPasswordCredentialsPanel(_Tprov &prov, eap::credentials_pass &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false) :
wxCredentialsPanel<eap::credentials_pass, wxPasswordCredentialsPanelBase>(cred, pszCredTarget, parent, is_config)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_credentials_icon, m_icon, m_shell32, MAKEINTRESOURCE(269));
bool layout = false;
if (!prov.m_lbl_alt_credential.empty()) {
m_credentials_label->SetLabel(prov.m_lbl_alt_credential);
m_credentials_label->Wrap( 446 );
layout = true;
}
if (!prov.m_lbl_alt_identity.empty()) {
m_identity_label->SetLabel(prov.m_lbl_alt_identity);
layout = true;
}
if (!prov.m_lbl_alt_password.empty()) {
m_password_label->SetLabel(prov.m_lbl_alt_password);
layout = true;
}
if (layout)
this->Layout();
}
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
virtual bool TransferDataToWindow()
{
// Inherited TransferDataToWindow() calls m_cred.retrieve().
// Therefore, call it now, to set m_cred.
wxCHECK(__super::TransferDataToWindow(), false);
m_identity->SetValue(m_cred.m_identity);
m_identity->SetSelection(0, -1);
m_password->SetValue(m_cred.m_password.empty() ? wxEmptyString : s_dummy_password);
return true;
}
virtual bool TransferDataFromWindow()
{
m_cred.m_identity = m_identity->GetValue();
wxString pass = m_password->GetValue();
if (pass.compare(s_dummy_password) != 0) {
m_cred.m_password = pass;
pass.assign(pass.length(), wxT('*'));
}
// Inherited TransferDataFromWindow() calls m_cred.store().
// Therefore, call it only now, that m_cred is set.
return __super::TransferDataFromWindow();
}
/// \endcond
protected:
@@ -422,6 +655,10 @@ private:
};
template <class _Tprov>
const wxStringCharType *wxPasswordCredentialsPanel<_Tprov>::s_dummy_password = wxT("dummypass");
inline bool wxSetIconFromResource(wxStaticBitmap *bmp, wxIcon &icon, HINSTANCE hinst, PCWSTR pszName)
{
wxASSERT(bmp);

70
lib/EAPBase_UI/res/wxEAP_UI.cpp
View File

@@ -119,6 +119,34 @@ wxEAPBannerPanelBase::~wxEAPBannerPanelBase()
{
}
wxEAPProviderLockedBase::wxEAPProviderLockedBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{
this->SetBackgroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INFOBK ) );
wxBoxSizer* sb_provider_locked_horiz;
sb_provider_locked_horiz = new wxBoxSizer( wxHORIZONTAL );
m_provider_locked_icon = new wxStaticBitmap( this, wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 );
sb_provider_locked_horiz->Add( m_provider_locked_icon, 0, wxALL, 5 );
m_provider_locked_vert = new wxBoxSizer( wxVERTICAL );
m_provider_locked_label = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_locked_label->Wrap( 452 );
m_provider_locked_vert->Add( m_provider_locked_label, 0, wxALL|wxEXPAND, 5 );
sb_provider_locked_horiz->Add( m_provider_locked_vert, 1, wxEXPAND, 5 );
this->SetSizer( sb_provider_locked_horiz );
this->Layout();
}
wxEAPProviderLockedBase::~wxEAPProviderLockedBase()
{
}
wxEAPCredentialsConfigPanelBase::wxEAPCredentialsConfigPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{
wxStaticBoxSizer* sb_credentials;
@@ -151,10 +179,10 @@ wxEAPCredentialsConfigPanelBase::wxEAPCredentialsConfigPanelBase( wxWindow* pare
sz_own_inner->Add( m_own, 2, wxEXPAND, 5 );
m_identity_own = new wxTextCtrl( sb_credentials->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_READONLY );
m_identity_own->SetToolTip( _("Enter your user name here (user@domain.org, DOMAINUser, etc.)") );
m_own_identity = new wxTextCtrl( sb_credentials->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_READONLY );
m_own_identity->SetToolTip( _("Enter your user name here (user@domain.org, DOMAINUser, etc.)") );
sz_own_inner->Add( m_identity_own, 3, wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 );
sz_own_inner->Add( m_own_identity, 3, wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 );
sz_own->Add( sz_own_inner, 1, wxEXPAND|wxBOTTOM, 5 );
@@ -162,15 +190,15 @@ wxEAPCredentialsConfigPanelBase::wxEAPCredentialsConfigPanelBase( wxWindow* pare
wxBoxSizer* sb_buttons_own;
sb_buttons_own = new wxBoxSizer( wxHORIZONTAL );
m_clear_own = new wxButton( sb_credentials->GetStaticBox(), wxID_ANY, _("&Clear Credentials"), wxDefaultPosition, wxDefaultSize, 0 );
m_clear_own->SetToolTip( _("Click to clear your credentials from Credential Manager.\nNote: You will be prompted to enter credentials when connecting.") );
m_own_clear = new wxButton( sb_credentials->GetStaticBox(), wxID_ANY, _("&Clear Credentials"), wxDefaultPosition, wxDefaultSize, 0 );
m_own_clear->SetToolTip( _("Click to clear your credentials from Credential Manager.\nNote: You will be prompted to enter credentials when connecting.") );
sb_buttons_own->Add( m_clear_own, 0, wxRIGHT, 5 );
sb_buttons_own->Add( m_own_clear, 0, wxRIGHT, 5 );
m_set_own = new wxButton( sb_credentials->GetStaticBox(), wxID_ANY, _("&Set Credentials..."), wxDefaultPosition, wxDefaultSize, 0 );
m_set_own->SetToolTip( _("Click here to set or modify your credentials") );
m_own_set = new wxButton( sb_credentials->GetStaticBox(), wxID_ANY, _("&Set Credentials..."), wxDefaultPosition, wxDefaultSize, 0 );
m_own_set->SetToolTip( _("Click here to set or modify your credentials") );
sb_buttons_own->Add( m_set_own, 0, wxLEFT, 5 );
sb_buttons_own->Add( m_own_set, 0, wxLEFT, 5 );
sz_own->Add( sb_buttons_own, 0, wxALIGN_RIGHT, 5 );
@@ -189,10 +217,10 @@ wxEAPCredentialsConfigPanelBase::wxEAPCredentialsConfigPanelBase( wxWindow* pare
sz_preshared_inner->Add( m_preshared, 2, wxEXPAND, 5 );
m_identity_preshared = new wxTextCtrl( sb_credentials->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_READONLY );
m_identity_preshared->SetToolTip( _("Enter your user name here (user@domain.org, DOMAINUser, etc.)") );
m_preshared_identity = new wxTextCtrl( sb_credentials->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_READONLY );
m_preshared_identity->SetToolTip( _("Enter your user name here (user@domain.org, DOMAINUser, etc.)") );
sz_preshared_inner->Add( m_identity_preshared, 3, wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 );
sz_preshared_inner->Add( m_preshared_identity, 3, wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 );
sz_preshared->Add( sz_preshared_inner, 1, wxEXPAND|wxBOTTOM, 5 );
@@ -200,10 +228,10 @@ wxEAPCredentialsConfigPanelBase::wxEAPCredentialsConfigPanelBase( wxWindow* pare
wxBoxSizer* sb_buttons_preshared;
sb_buttons_preshared = new wxBoxSizer( wxHORIZONTAL );
m_set_preshared = new wxButton( sb_credentials->GetStaticBox(), wxID_ANY, _("&Set Credentials..."), wxDefaultPosition, wxDefaultSize, 0 );
m_set_preshared->SetToolTip( _("Click here to set or modify your credentials") );
m_preshared_set = new wxButton( sb_credentials->GetStaticBox(), wxID_ANY, _("&Set Credentials..."), wxDefaultPosition, wxDefaultSize, 0 );
m_preshared_set->SetToolTip( _("Click here to set or modify your credentials") );
sb_buttons_preshared->Add( m_set_preshared, 0, 0, 5 );
sb_buttons_preshared->Add( m_preshared_set, 0, 0, 5 );
sz_preshared->Add( sb_buttons_preshared, 0, wxALIGN_RIGHT, 5 );
@@ -226,18 +254,18 @@ wxEAPCredentialsConfigPanelBase::wxEAPCredentialsConfigPanelBase( wxWindow* pare
// Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPCredentialsConfigPanelBase::OnUpdateUI ) );
m_clear_own->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnClearOwn ), NULL, this );
m_set_own->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetOwn ), NULL, this );
m_set_preshared->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetPreshared ), NULL, this );
m_own_clear->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnClearOwn ), NULL, this );
m_own_set->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetOwn ), NULL, this );
m_preshared_set->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetPreshared ), NULL, this );
}
wxEAPCredentialsConfigPanelBase::~wxEAPCredentialsConfigPanelBase()
{
// Disconnect Events
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPCredentialsConfigPanelBase::OnUpdateUI ) );
m_clear_own->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnClearOwn ), NULL, this );
m_set_own->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetOwn ), NULL, this );
m_set_preshared->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetPreshared ), NULL, this );
m_own_clear->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnClearOwn ), NULL, this );
m_own_set->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetOwn ), NULL, this );
m_preshared_set->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPCredentialsConfigPanelBase::OnSetPreshared ), NULL, this );
}

266
lib/EAPBase_UI/res/wxEAP_UI.fbp
View File

@@ -582,7 +582,7 @@
<property name="pane_border">1</property>
<property name="pane_position"></property>
<property name="pane_size"></property>
<property name="permission">protected</property>
<property name="permission">public</property>
<property name="pin_button">1</property>
<property name="pos"></property>
<property name="resize">Resizable</property>
@@ -623,6 +623,240 @@
</object>
</object>
</object>
<object class="Panel" expanded="1">
<property name="aui_managed">0</property>
<property name="aui_manager_style">wxAUI_MGR_DEFAULT</property>
<property name="bg">wxSYS_COLOUR_INFOBK</property>
<property name="context_help"></property>
<property name="context_menu">1</property>
<property name="enabled">1</property>
<property name="event_handler">impl_virtual</property>
<property name="fg"></property>
<property name="font"></property>
<property name="hidden">0</property>
<property name="id">wxID_ANY</property>
<property name="maximum_size"></property>
<property name="minimum_size"></property>
<property name="name">wxEAPProviderLockedBase</property>
<property name="pos"></property>
<property name="size">500,-1</property>
<property name="subclass"></property>
<property name="tooltip"></property>
<property name="window_extra_style"></property>
<property name="window_name"></property>
<property name="window_style">wxSIMPLE_BORDER|wxTAB_TRAVERSAL</property>
<event name="OnAuiFindManager"></event>
<event name="OnAuiPaneButton"></event>
<event name="OnAuiPaneClose"></event>
<event name="OnAuiPaneMaximize"></event>
<event name="OnAuiPaneRestore"></event>
<event name="OnAuiRender"></event>
<event name="OnChar"></event>
<event name="OnEnterWindow"></event>
<event name="OnEraseBackground"></event>
<event name="OnInitDialog"></event>
<event name="OnKeyDown"></event>
<event name="OnKeyUp"></event>
<event name="OnKillFocus"></event>
<event name="OnLeaveWindow"></event>
<event name="OnLeftDClick"></event>
<event name="OnLeftDown"></event>
<event name="OnLeftUp"></event>
<event name="OnMiddleDClick"></event>
<event name="OnMiddleDown"></event>
<event name="OnMiddleUp"></event>
<event name="OnMotion"></event>
<event name="OnMouseEvents"></event>
<event name="OnMouseWheel"></event>
<event name="OnPaint"></event>
<event name="OnRightDClick"></event>
<event name="OnRightDown"></event>
<event name="OnRightUp"></event>
<event name="OnSetFocus"></event>
<event name="OnSize"></event>
<event name="OnUpdateUI"></event>
<object class="wxBoxSizer" expanded="1">
<property name="minimum_size"></property>
<property name="name">sb_provider_locked_horiz</property>
<property name="orient">wxHORIZONTAL</property>
<property name="permission">none</property>
<object class="sizeritem" expanded="1">
<property name="border">5</property>
<property name="flag">wxALL</property>
<property name="proportion">0</property>
<object class="wxStaticBitmap" expanded="1">
<property name="BottomDockable">1</property>
<property name="LeftDockable">1</property>
<property name="RightDockable">1</property>
<property name="TopDockable">1</property>
<property name="aui_layer"></property>
<property name="aui_name"></property>
<property name="aui_position"></property>
<property name="aui_row"></property>
<property name="best_size"></property>
<property name="bg"></property>
<property name="bitmap">Load From Icon Resource; ; [32; 32]</property>
<property name="caption"></property>
<property name="caption_visible">1</property>
<property name="center_pane">0</property>
<property name="close_button">1</property>
<property name="context_help"></property>
<property name="context_menu">1</property>
<property name="default_pane">0</property>
<property name="dock">Dock</property>
<property name="dock_fixed">0</property>
<property name="docking">Left</property>
<property name="enabled">1</property>
<property name="fg"></property>
<property name="floatable">1</property>
<property name="font"></property>
<property name="gripper">0</property>
<property name="hidden">0</property>
<property name="id">wxID_ANY</property>
<property name="max_size"></property>
<property name="maximize_button">0</property>
<property name="maximum_size"></property>
<property name="min_size"></property>
<property name="minimize_button">0</property>
<property name="minimum_size"></property>
<property name="moveable">1</property>
<property name="name">m_provider_locked_icon</property>
<property name="pane_border">1</property>
<property name="pane_position"></property>
<property name="pane_size"></property>
<property name="permission">protected</property>
<property name="pin_button">1</property>
<property name="pos"></property>
<property name="resize">Resizable</property>
<property name="show">1</property>
<property name="size"></property>
<property name="subclass"></property>
<property name="toolbar_pane">0</property>
<property name="tooltip"></property>
<property name="window_extra_style"></property>
<property name="window_name"></property>
<property name="window_style"></property>
<event name="OnChar"></event>
<event name="OnEnterWindow"></event>
<event name="OnEraseBackground"></event>
<event name="OnKeyDown"></event>
<event name="OnKeyUp"></event>
<event name="OnKillFocus"></event>
<event name="OnLeaveWindow"></event>
<event name="OnLeftDClick"></event>
<event name="OnLeftDown"></event>
<event name="OnLeftUp"></event>
<event name="OnMiddleDClick"></event>
<event name="OnMiddleDown"></event>
<event name="OnMiddleUp"></event>
<event name="OnMotion"></event>
<event name="OnMouseEvents"></event>
<event name="OnMouseWheel"></event>
<event name="OnPaint"></event>
<event name="OnRightDClick"></event>
<event name="OnRightDown"></event>
<event name="OnRightUp"></event>
<event name="OnSetFocus"></event>
<event name="OnSize"></event>
<event name="OnUpdateUI"></event>
</object>
</object>
<object class="sizeritem" expanded="1">
<property name="border">5</property>
<property name="flag">wxEXPAND</property>
<property name="proportion">1</property>
<object class="wxBoxSizer" expanded="1">
<property name="minimum_size"></property>
<property name="name">m_provider_locked_vert</property>
<property name="orient">wxVERTICAL</property>
<property name="permission">protected</property>
<object class="sizeritem" expanded="1">
<property name="border">5</property>
<property name="flag">wxALL|wxEXPAND</property>
<property name="proportion">0</property>
<object class="wxStaticText" expanded="1">
<property name="BottomDockable">1</property>
<property name="LeftDockable">1</property>
<property name="RightDockable">1</property>
<property name="TopDockable">1</property>
<property name="aui_layer"></property>
<property name="aui_name"></property>
<property name="aui_position"></property>
<property name="aui_row"></property>
<property name="best_size"></property>
<property name="bg"></property>
<property name="caption"></property>
<property name="caption_visible">1</property>
<property name="center_pane">0</property>
<property name="close_button">1</property>
<property name="context_help"></property>
<property name="context_menu">1</property>
<property name="default_pane">0</property>
<property name="dock">Dock</property>
<property name="dock_fixed">0</property>
<property name="docking">Left</property>
<property name="enabled">1</property>
<property name="fg"></property>
<property name="floatable">1</property>
<property name="font"></property>
<property name="gripper">0</property>
<property name="hidden">0</property>
<property name="id">wxID_ANY</property>
<property name="label"></property>
<property name="max_size"></property>
<property name="maximize_button">0</property>
<property name="maximum_size"></property>
<property name="min_size"></property>
<property name="minimize_button">0</property>
<property name="minimum_size"></property>
<property name="moveable">1</property>
<property name="name">m_provider_locked_label</property>
<property name="pane_border">1</property>
<property name="pane_position"></property>
<property name="pane_size"></property>
<property name="permission">protected</property>
<property name="pin_button">1</property>
<property name="pos"></property>
<property name="resize">Resizable</property>
<property name="show">1</property>
<property name="size"></property>
<property name="style"></property>
<property name="subclass"></property>
<property name="toolbar_pane">0</property>
<property name="tooltip"></property>
<property name="window_extra_style"></property>
<property name="window_name"></property>
<property name="window_style"></property>
<property name="wrap">452</property>
<event name="OnChar"></event>
<event name="OnEnterWindow"></event>
<event name="OnEraseBackground"></event>
<event name="OnKeyDown"></event>
<event name="OnKeyUp"></event>
<event name="OnKillFocus"></event>
<event name="OnLeaveWindow"></event>
<event name="OnLeftDClick"></event>
<event name="OnLeftDown"></event>
<event name="OnLeftUp"></event>
<event name="OnMiddleDClick"></event>
<event name="OnMiddleDown"></event>
<event name="OnMiddleUp"></event>
<event name="OnMotion"></event>
<event name="OnMouseEvents"></event>
<event name="OnMouseWheel"></event>
<event name="OnPaint"></event>
<event name="OnRightDClick"></event>
<event name="OnRightDown"></event>
<event name="OnRightUp"></event>
<event name="OnSetFocus"></event>
<event name="OnSize"></event>
<event name="OnUpdateUI"></event>
</object>
</object>
</object>
</object>
</object>
</object>
<object class="Panel" expanded="1">
<property name="aui_managed">0</property>
<property name="aui_manager_style">wxAUI_MGR_DEFAULT</property>
@@ -1020,7 +1254,7 @@
<property name="minimize_button">0</property>
<property name="minimum_size"></property>
<property name="moveable">1</property>
<property name="name">m_identity_own</property>
<property name="name">m_own_identity</property>
<property name="pane_border">1</property>
<property name="pane_position"></property>
<property name="pane_size"></property>
@@ -1123,7 +1357,7 @@
<property name="minimize_button">0</property>
<property name="minimum_size"></property>
<property name="moveable">1</property>
<property name="name">m_clear_own</property>
<property name="name">m_own_clear</property>
<property name="pane_border">1</property>
<property name="pane_position"></property>
<property name="pane_size"></property>
@@ -1211,7 +1445,7 @@
<property name="minimize_button">0</property>
<property name="minimum_size"></property>
<property name="moveable">1</property>
<property name="name">m_set_own</property>
<property name="name">m_own_set</property>
<property name="pane_border">1</property>
<property name="pane_position"></property>
<property name="pane_size"></property>
@@ -1408,7 +1642,7 @@
<property name="minimize_button">0</property>
<property name="minimum_size"></property>
<property name="moveable">1</property>
<property name="name">m_identity_preshared</property>
<property name="name">m_preshared_identity</property>
<property name="pane_border">1</property>
<property name="pane_position"></property>
<property name="pane_size"></property>
@@ -1511,7 +1745,7 @@
<property name="minimize_button">0</property>
<property name="minimum_size"></property>
<property name="moveable">1</property>
<property name="name">m_set_preshared</property>
<property name="name">m_preshared_set</property>
<property name="pane_border">1</property>
<property name="pane_position"></property>
<property name="pane_size"></property>
@@ -1828,11 +2062,11 @@
<property name="permission">none</property>
<property name="rows">0</property>
<property name="vgap">5</property>
<object class="sizeritem" expanded="1">
<object class="sizeritem" expanded="0">
<property name="border">5</property>
<property name="flag">wxEXPAND|wxALIGN_CENTER_VERTICAL</property>
<property name="proportion">0</property>
<object class="wxStaticText" expanded="1">
<object class="wxStaticText" expanded="0">
<property name="BottomDockable">1</property>
<property name="LeftDockable">1</property>
<property name="RightDockable">1</property>
@@ -1911,11 +2145,11 @@
<event name="OnUpdateUI"></event>
</object>
</object>
<object class="sizeritem" expanded="1">
<object class="sizeritem" expanded="0">
<property name="border">5</property>
<property name="flag">wxEXPAND|wxALIGN_CENTER_VERTICAL</property>
<property name="proportion">2</property>
<object class="wxTextCtrl" expanded="1">
<object class="wxTextCtrl" expanded="0">
<property name="BottomDockable">1</property>
<property name="LeftDockable">1</property>
<property name="RightDockable">1</property>
@@ -2002,11 +2236,11 @@
<event name="OnUpdateUI"></event>
</object>
</object>
<object class="sizeritem" expanded="1">
<object class="sizeritem" expanded="0">
<property name="border">5</property>
<property name="flag">wxEXPAND|wxALIGN_CENTER_VERTICAL</property>
<property name="proportion">0</property>
<object class="wxStaticText" expanded="1">
<object class="wxStaticText" expanded="0">
<property name="BottomDockable">1</property>
<property name="LeftDockable">1</property>
<property name="RightDockable">1</property>
@@ -2085,11 +2319,11 @@
<event name="OnUpdateUI"></event>
</object>
</object>
<object class="sizeritem" expanded="1">
<object class="sizeritem" expanded="0">
<property name="border">5</property>
<property name="flag">wxEXPAND|wxALIGN_CENTER_VERTICAL</property>
<property name="proportion">2</property>
<object class="wxTextCtrl" expanded="1">
<object class="wxTextCtrl" expanded="0">
<property name="BottomDockable">1</property>
<property name="LeftDockable">1</property>
<property name="RightDockable">1</property>
@@ -2178,11 +2412,11 @@
</object>
</object>
</object>
<object class="sizeritem" expanded="1">
<object class="sizeritem" expanded="0">
<property name="border">5</property>
<property name="flag">wxALL|wxEXPAND</property>
<property name="proportion">0</property>
<object class="wxCheckBox" expanded="1">
<object class="wxCheckBox" expanded="0">
<property name="BottomDockable">1</property>
<property name="LeftDockable">1</property>
<property name="RightDockable">1</property>

31
lib/EAPBase_UI/res/wxEAP_UI.h
View File

@@ -92,15 +92,34 @@ class wxEAPBannerPanelBase : public wxPanel
private:
protected:
wxStaticText* m_title;
public:
wxStaticText* m_title;
wxEAPBannerPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = 0 );
~wxEAPBannerPanelBase();
};
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPProviderLockedBase
///////////////////////////////////////////////////////////////////////////////
class wxEAPProviderLockedBase : public wxPanel
{
private:
protected:
wxStaticBitmap* m_provider_locked_icon;
wxBoxSizer* m_provider_locked_vert;
wxStaticText* m_provider_locked_label;
public:
wxEAPProviderLockedBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( 500,-1 ), long style = wxSIMPLE_BORDER|wxTAB_TRAVERSAL );
~wxEAPProviderLockedBase();
};
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPCredentialsConfigPanelBase
///////////////////////////////////////////////////////////////////////////////
@@ -112,12 +131,12 @@ class wxEAPCredentialsConfigPanelBase : public wxPanel
wxStaticBitmap* m_credentials_icon;
wxStaticText* m_credentials_label;
wxRadioButton* m_own;
wxTextCtrl* m_identity_own;
wxButton* m_clear_own;
wxButton* m_set_own;
wxTextCtrl* m_own_identity;
wxButton* m_own_clear;
wxButton* m_own_set;
wxRadioButton* m_preshared;
wxTextCtrl* m_identity_preshared;
wxButton* m_set_preshared;
wxTextCtrl* m_preshared_identity;
wxButton* m_preshared_set;
// Virtual event handlers, overide them in your derived class
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }

75
lib/EAPBase_UI/src/EAP_UI.cpp
View File

@@ -21,39 +21,6 @@
#include "StdAfx.h"
//////////////////////////////////////////////////////////////////////
// wxEAPCredentialsDialog
//////////////////////////////////////////////////////////////////////
wxEAPCredentialsDialog::wxEAPCredentialsDialog(wxWindow* parent) : wxEAPCredentialsDialogBase(parent)
{
// Set extra style here, as wxFormBuilder overrides all default flags.
this->SetExtraStyle(this->GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY);
m_buttonsOK->SetDefault();
}
void wxEAPCredentialsDialog::AddContents(wxPanel **contents, size_t content_count)
{
if (content_count) {
for (size_t i = 0; i < content_count; i++)
m_panels->Add(contents[i], 0, wxALL|wxEXPAND, 5);
this->Layout();
this->GetSizer()->Fit(this);
contents[0]->SetFocusFromKbd();
}
}
void wxEAPCredentialsDialog::OnInitDialog(wxInitDialogEvent& event)
{
for (wxSizerItemList::compatibility_iterator panel = m_panels->GetChildren().GetFirst(); panel; panel = panel->GetNext())
panel->GetData()->GetWindow()->GetEventHandler()->ProcessEvent(event);
}
//////////////////////////////////////////////////////////////////////
// wxEAPBannerPanel
//////////////////////////////////////////////////////////////////////
@@ -62,45 +29,3 @@ wxEAPBannerPanel::wxEAPBannerPanel(wxWindow* parent) : wxEAPBannerPanelBase(pare
{
m_title->SetLabelText(wxT(PRODUCT_NAME_STR));
}
//////////////////////////////////////////////////////////////////////
// wxPasswordCredentialsPanel
//////////////////////////////////////////////////////////////////////
const wxStringCharType *wxPasswordCredentialsPanel::s_dummy_password = wxT("dummypass");
wxPasswordCredentialsPanel::wxPasswordCredentialsPanel(eap::credentials_pass &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config) :
wxCredentialsPanel<wxPasswordCredentialsPanelBase, eap::credentials_pass>(cred, pszCredTarget, parent, is_config)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_credentials_icon, m_icon, m_shell32, MAKEINTRESOURCE(269));
}
bool wxPasswordCredentialsPanel::TransferDataToWindow()
{
wxCHECK(__super::TransferDataToWindow(), false);
m_identity->SetValue(m_cred.m_identity);
m_identity->SetSelection(0, -1);
m_password->SetValue(m_cred.m_password.empty() ? wxEmptyString : s_dummy_password);
return true;
}
bool wxPasswordCredentialsPanel::TransferDataFromWindow()
{
m_cred.m_identity = m_identity->GetValue();
wxString pass = m_password->GetValue();
if (pass.compare(s_dummy_password) != 0) {
m_cred.m_password = pass;
pass.assign(pass.length(), wxT('*'));
}
return __super::TransferDataFromWindow();
}

BIN
lib/Events/MSIBuild/Makefile
View File

Binary file not shown.

BIN
lib/Events/res/EventsETW.man
View File

Binary file not shown.

1
lib/PAP_UI/build/PAP_UI.vcxproj
View File

@@ -83,7 +83,6 @@
<ClInclude Include="..\src\StdAfx.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\src\PAP_UI.cpp" />
<ClCompile Include="..\src\StdAfx.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>

3
lib/PAP_UI/build/PAP_UI.vcxproj.filters
View File

@@ -26,8 +26,5 @@
<ClCompile Include="..\src\StdAfx.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\PAP_UI.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
</Project>

58
lib/PAP_UI/include/PAP_UI.h
View File

@@ -25,12 +25,12 @@
///
/// PAP credentials configuration panel
///
typedef wxEAPCredentialsConfigPanel<eap::config_pap, eap::credentials_pap, wxPasswordCredentialsPanel> wxPAPCredentialsConfigPanel;
template <class _Tprov> class wxPAPCredentialsConfigPanel;
///
/// PAP configuration panel
///
class wxPAPConfigPanel;
template <class _Tprov> class wxPAPConfigPanel;
#pragma once
@@ -40,25 +40,69 @@ class wxPAPConfigPanel;
#include <Windows.h>
template <class _Tprov>
class wxPAPCredentialsConfigPanel : public wxEAPCredentialsConfigPanel<_Tprov, eap::config_pap, wxPasswordCredentialsPanel<_Tprov> >
{
public:
///
/// Constructs a PAP credential configuration panel
///
/// \param[inout] prov Provider configuration data
/// \param[inout] cfg Configuration data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window
///
wxPAPCredentialsConfigPanel(_Tprov &prov, eap::config_pap &cfg, LPCTSTR pszCredTarget, wxWindow *parent) :
wxEAPCredentialsConfigPanel<_Tprov, eap::config_pap, wxPasswordCredentialsPanel<_Tprov> >(prov, cfg, pszCredTarget, parent)
{
}
};
template <class _Tprov>
class wxPAPConfigPanel : public wxPanel
{
public:
///
/// Constructs a configuration panel
///
wxPAPConfigPanel(eap::config_pap &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
wxPAPConfigPanel(_Tprov &prov, eap::config_pap &cfg, LPCTSTR pszCredTarget, wxWindow* parent) : wxPanel(parent)
{
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
m_credentials = new wxPAPCredentialsConfigPanel<_Tprov>(prov, cfg, pszCredTarget, this);
sb_content->Add(m_credentials, 0, wxEXPAND, 5);
this->SetSizer(sb_content);
this->Layout();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxPAPConfigPanel::OnInitDialog));
}
///
/// Destructs the configuration panel
///
virtual ~wxPAPConfigPanel();
virtual ~wxPAPConfigPanel()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxPAPConfigPanel::OnInitDialog));
}
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
virtual void OnInitDialog(wxInitDialogEvent& event)
{
// Forward the event to child panels.
if (m_credentials)
m_credentials->GetEventHandler()->ProcessEvent(event);
}
/// \endcond
protected:
wxPAPCredentialsConfigPanel *m_credentials; ///< Credentials configuration panel
wxStaticText *m_label; ///< No-configuration notice
wxPAPCredentialsConfigPanel<_Tprov> *m_credentials; ///< Credentials configuration panel
};

66
lib/PAP_UI/src/PAP_UI.cpp
View File

@@ -1,66 +0,0 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
//////////////////////////////////////////////////////////////////////
// wxPAPConfigPanel
//////////////////////////////////////////////////////////////////////
wxPAPConfigPanel::wxPAPConfigPanel(eap::config_pap &cfg, LPCTSTR pszCredTarget, wxWindow* parent) : wxPanel(parent)
{
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
if (cfg.m_allow_save) {
m_credentials = new wxPAPCredentialsConfigPanel(cfg, pszCredTarget, this);
sb_content->Add(m_credentials, 0, wxEXPAND, 5);
m_label = NULL;
} else {
m_credentials = NULL;
m_label = new wxStaticText(this, wxID_ANY, _("This method requires no additional settings."), wxDefaultPosition, wxDefaultSize, 0);
m_label->Wrap(-1);
sb_content->Add(m_label, 0, wxEXPAND, 5);
}
this->SetSizer(sb_content);
this->Layout();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxPAPConfigPanel::OnInitDialog));
}
wxPAPConfigPanel::~wxPAPConfigPanel()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxPAPConfigPanel::OnInitDialog));
}
void wxPAPConfigPanel::OnInitDialog(wxInitDialogEvent& event)
{
// Forward the event to child panels.
if (m_credentials)
m_credentials->GetEventHandler()->ProcessEvent(event);
}

5
lib/TLS/include/Credentials.h
View File

@@ -194,6 +194,11 @@ namespace eap
public:
winstd::cert_context m_cert; ///< Client certificate
private:
/// \cond internal
static const unsigned char s_entropy[1024];
/// \endcond
};
}

12
lib/TLS/src/Config.cpp
View File

@@ -91,7 +91,7 @@ bool eap::config_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfig
// <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ServerSideCredential> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ServerSideCredential> element."));
return false;
}
@@ -99,25 +99,25 @@ bool eap::config_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfig
// <CA>
com_obj<IXMLDOMElement> pXmlElCA;
if ((dwResult = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <CA> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <CA> element."));
return false;
}
// <CA>/<format>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM"))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <format> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <format> element."));
return false;
}
// <CA>/<cert-data>
const cert_context &cc = *i;
if ((dwResult = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <cert-data> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <cert-data> element."));
return false;
}
if (FAILED(hr = pXmlElServerSideCredential->appendChild(pXmlElCA, NULL))) {
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <CA> element."), NULL);
*ppEapError = m_module.make_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <CA> element."));
return false;
}
}
@@ -127,7 +127,7 @@ bool eap::config_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfig
wstring str;
MultiByteToWideChar(CP_UTF8, 0, i->c_str(), (int)i->length(), str);
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(str))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ServerName> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ServerName> element."));
return false;
}
}

146
lib/TLS/src/Credentials.cpp
View File

@@ -101,26 +101,26 @@ bool eap::credentials_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pC
// <ClientCertificate>
com_obj<IXMLDOMElement> pXmlElClientCertificate;
if ((dwResult = eapxml::create_element(pDoc, bstr(L"ClientCertificate"), bstrNamespace, &pXmlElClientCertificate))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <ClientCertificate> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <ClientCertificate> element."));
return false;
}
if (m_cert) {
// <ClientCertificate>/<format>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElClientCertificate, bstr(L"format"), bstrNamespace, bstr(L"PEM"))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <format> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <format> element."));
return false;
}
// <ClientCertificate>/<cert-data>
if ((dwResult = eapxml::put_element_base64(pDoc, pXmlElClientCertificate, bstr(L"cert-data"), bstrNamespace, m_cert->pbCertEncoded, m_cert->cbCertEncoded)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <cert-data> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <cert-data> element."));
return false;
}
}
if (FAILED(hr = pConfigRoot->appendChild(pXmlElClientCertificate, NULL))) {
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <ClientCertificate> element."), NULL);
*ppEapError = m_module.make_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <ClientCertificate> element."));
return false;
}
@@ -143,7 +143,7 @@ bool eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR *
// <ClientCertificate>
com_obj<IXMLDOMElement> pXmlElClientCertificate;
if ((dwResult = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ClientCertificate"), &pXmlElClientCertificate)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error reading <ClientCertificate> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error reading <ClientCertificate> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
return false;
}
@@ -170,36 +170,20 @@ bool eap::credentials_tls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **p
{
assert(pszTargetName);
assert(ppEapError);
string cert_enc;
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return false;
}
// Encrypt certificate.
vector<unsigned char> cert;
if (!m_module.encrypt_md5(cp, m_cert->pbCertEncoded, m_cert->cbCertEncoded, cert, ppEapError))
return false;
// Convert encrypted certificate to Base64, since CredProtectA() fail for binary strings.
string cert_base64;
base64_enc enc;
enc.encode(cert_base64, cert.data(), cert.size());
// Encrypt the certificate using user's key.
CRED_PROTECTION_TYPE cpt;
if (!CredProtectA(TRUE, cert_base64.c_str(), (DWORD)cert_base64.length(), cert_enc, &cpt)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredProtect failed."), NULL);
DATA_BLOB cred_blob = { m_cert->cbCertEncoded, m_cert->pbCertEncoded };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_enc;
if (!CryptProtectData(&cred_blob, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, &cred_enc)) {
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptProtectData failed."));
return false;
}
tstring target(target_name(pszTargetName));
// Write credentials.
assert(cert_enc.size() < CRED_MAX_CREDENTIAL_BLOB_SIZE);
assert(cred_enc.cbData < CRED_MAX_CREDENTIAL_BLOB_SIZE);
assert(m_identity.length() < CRED_MAX_USERNAME_LENGTH );
CREDENTIAL cred = {
0, // Flags
@@ -207,8 +191,8 @@ bool eap::credentials_tls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **p
(LPTSTR)target.c_str(), // TargetName
_T(""), // Comment
{ 0, 0 }, // LastWritten
(DWORD)cert_enc.size(), // CredentialBlobSize
(LPBYTE)cert_enc.data(), // CredentialBlob
cred_enc.cbData, // CredentialBlobSize
cred_enc.pbData, // CredentialBlob
CRED_PERSIST_ENTERPRISE, // Persist
0, // AttributeCount
NULL, // Attributes
@@ -216,7 +200,7 @@ bool eap::credentials_tls::store(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR **p
(LPTSTR)m_identity.c_str() // UserName
};
if (!CredWrite(&cred, 0)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredWrite failed."), NULL);
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" CredWrite failed."));
return false;
}
@@ -231,37 +215,23 @@ bool eap::credentials_tls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR
// Read credentials.
unique_ptr<CREDENTIAL, CredFree_delete<CREDENTIAL> > cred;
if (!CredRead(target_name(pszTargetName).c_str(), CRED_TYPE_GENERIC, 0, (PCREDENTIAL*)&cred)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredRead failed."), NULL);
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" CredRead failed."));
return false;
}
// Decrypt the certificate using user's key.
string cert_base64;
if (!CredUnprotectA(TRUE, (LPCSTR)(cred->CredentialBlob), cred->CredentialBlobSize, cert_base64)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CredUnprotect failed."), NULL);
DATA_BLOB cred_enc = { cred->CredentialBlobSize, cred->CredentialBlob };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
data_blob cred_int;
if (!CryptUnprotectData(&cred_enc, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN | CRYPTPROTECT_VERIFY_PROTECTION, &cred_int)) {
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" CryptUnprotectData failed."));
return false;
}
// Convert Base64 to binary encrypted certificate, since CredProtectA() fail for binary strings.
vector<unsigned char> cert;
base64_dec dec;
bool is_last;
dec.decode(cert, is_last, cert_base64.c_str(), cert_base64.length());
// Prepare cryptographics provider.
crypt_prov cp;
if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" CryptAcquireContext failed."), NULL);
return false;
}
// Decrypt certificate.
vector<unsigned char, sanitizing_allocator<unsigned char> > _cert;
if (!m_module.decrypt_md5(cp, cert.data(), cert.size(), _cert, ppEapError))
return false;
if (!m_cert.create(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, _cert.data(), (DWORD)_cert.size())) {
*ppEapError = m_module.make_error(GetLastError(), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error loading certificate."), NULL);
bool bResult = m_cert.create(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, cred_int.pbData, cred_int.cbData);
SecureZeroMemory(cred_int.pbData, cred_int.cbData);
if (!bResult) {
*ppEapError = m_module.make_error(GetLastError(), _T(__FUNCTION__) _T(" Error loading certificate."));
return false;
}
@@ -270,3 +240,71 @@ bool eap::credentials_tls::retrieve(_In_ LPCTSTR pszTargetName, _Out_ EAP_ERROR
return true;
}
const unsigned char eap::credentials_tls::s_entropy[1024] = {
0xb9, 0xd1, 0x62, 0xd4, 0x1c, 0xe6, 0x8c, 0x25, 0x98, 0x9b, 0x1d, 0xbc, 0x40, 0x46, 0x9e, 0x6d,
0x63, 0xba, 0xda, 0x78, 0x65, 0x56, 0x97, 0x4f, 0xa0, 0x89, 0xf4, 0xc5, 0x1b, 0xf5, 0x8d, 0x69,
0xa1, 0x8c, 0xf3, 0xf9, 0x91, 0x86, 0x7f, 0xf3, 0x47, 0x2e, 0x23, 0x61, 0xde, 0x4f, 0x61, 0x94,
0xba, 0xba, 0x27, 0x63, 0x0b, 0xf0, 0x4e, 0xa0, 0x24, 0xab, 0x17, 0x62, 0x3f, 0xc4, 0xd8, 0xad,
0xd6, 0x03, 0x1f, 0x3b, 0xdd, 0x88, 0xf7, 0x9a, 0x56, 0xf4, 0x0d, 0xce, 0x9b, 0x18, 0x33, 0x54,
0x5a, 0x1a, 0x3b, 0x91, 0x70, 0xf5, 0x95, 0x1c, 0x39, 0xe8, 0x42, 0x6c, 0x6e, 0xe6, 0x4d, 0xb8,
0x1c, 0xa6, 0xce, 0xad, 0xcd, 0x9e, 0x55, 0x88, 0x90, 0xff, 0x5e, 0x81, 0xdf, 0x08, 0x68, 0x54,
0xa1, 0x60, 0xfb, 0x41, 0x8a, 0xc1, 0xf2, 0xf0, 0xc4, 0x0e, 0xb9, 0xd1, 0x61, 0xa5, 0xc4, 0x02,
0xd9, 0x43, 0xbb, 0x16, 0x9f, 0x9a, 0xc3, 0xe0, 0x61, 0xf8, 0x57, 0x16, 0xb1, 0x7f, 0x00, 0x53,
0xf6, 0x8b, 0x97, 0x8f, 0xec, 0x3f, 0x72, 0x32, 0x0c, 0x0a, 0x80, 0x00, 0x4f, 0x87, 0x36, 0x2e,
0x24, 0x1d, 0xb4, 0xe5, 0x6c, 0x41, 0x34, 0xe9, 0x75, 0x4c, 0xf2, 0xdb, 0x16, 0xb5, 0x9a, 0x54,
0x40, 0xe9, 0x1f, 0xc0, 0xf1, 0xc5, 0x0d, 0x5d, 0xa7, 0xb5, 0x51, 0x15, 0x05, 0x95, 0xe2, 0x46,
0x9d, 0xc7, 0x74, 0xd7, 0xab, 0x93, 0xce, 0x7d, 0xf9, 0x61, 0x9d, 0x2b, 0xe7, 0x45, 0x61, 0x0b,
0xcc, 0x18, 0xf1, 0xf4, 0x00, 0xb9, 0x78, 0x23, 0x45, 0x8a, 0xd6, 0x1d, 0x95, 0x6b, 0x99, 0xe0,
0x21, 0x6b, 0x98, 0x91, 0xcb, 0x0e, 0x50, 0x9a, 0x2e, 0x64, 0xa2, 0xe9, 0x1b, 0x1f, 0x6e, 0x69,
0x78, 0x1d, 0xd1, 0xa1, 0xe5, 0x95, 0x34, 0x78, 0xf2, 0x8b, 0xe6, 0x38, 0x74, 0xd6, 0x48, 0x69,
0x62, 0xf6, 0xd3, 0x18, 0x1c, 0xb1, 0x0e, 0xc0, 0xdf, 0xff, 0x2e, 0xd3, 0xbc, 0x4e, 0xae, 0xd7,
0xe0, 0xb8, 0x47, 0x15, 0xcc, 0x10, 0xc3, 0x3a, 0x3d, 0x67, 0x79, 0x33, 0x1d, 0xb1, 0x73, 0xdf,
0xfb, 0xb2, 0x89, 0xbb, 0x04, 0x76, 0xec, 0x4a, 0x73, 0x73, 0xa8, 0x07, 0xb7, 0xb0, 0xbe, 0x15,
0xac, 0xc3, 0x32, 0x1e, 0x70, 0xc2, 0x0e, 0x8c, 0x29, 0x2e, 0x2d, 0xfc, 0x36, 0x1f, 0x9d, 0x90,
0x86, 0x1b, 0x12, 0xca, 0x82, 0x4d, 0xea, 0x9e, 0xb4, 0x5e, 0xb0, 0x33, 0xc4, 0x19, 0x25, 0x3f,
0x27, 0x11, 0x5a, 0x79, 0x91, 0x44, 0x2c, 0x50, 0x56, 0xe0, 0xd2, 0xb3, 0x81, 0x17, 0x3f, 0x06,
0x57, 0x39, 0x18, 0x2c, 0xd4, 0x1e, 0xf3, 0x90, 0x7e, 0xc3, 0x08, 0x50, 0x89, 0x7a, 0xf7, 0x7f,
0xe9, 0xf1, 0x2d, 0x73, 0x95, 0xd9, 0x2e, 0x83, 0xc8, 0x93, 0x33, 0xd9, 0x00, 0xc3, 0xa0, 0x43,
0x32, 0x57, 0x7b, 0xa9, 0xbf, 0x55, 0xfc, 0x35, 0xfb, 0x85, 0x08, 0x1c, 0x84, 0xa7, 0xce, 0xb0,
0x8b, 0xab, 0x56, 0xfa, 0x70, 0x9c, 0xd5, 0x8f, 0x21, 0xf6, 0x8f, 0x5e, 0xd5, 0x1b, 0x81, 0x17,
0xf7, 0x82, 0xb2, 0x28, 0xde, 0xc5, 0xc1, 0xba, 0xe7, 0xfa, 0x21, 0x06, 0xff, 0xf3, 0x27, 0xf8,
0x3a, 0x7d, 0xbc, 0x96, 0x5e, 0xdf, 0xf4, 0x89, 0x9f, 0x1c, 0x40, 0x03, 0x1a, 0xd2, 0x53, 0xb9,
0xe4, 0xeb, 0x16, 0xbf, 0xaa, 0xe3, 0xdf, 0x5d, 0x2a, 0xef, 0x16, 0x6f, 0x5d, 0x2b, 0x75, 0x4c,
0x0e, 0xe0, 0xda, 0xc4, 0xd7, 0x05, 0x52, 0x28, 0x25, 0xc4, 0x3f, 0xe0, 0x55, 0x07, 0x93, 0x21,
0x80, 0x2b, 0x49, 0x0c, 0x00, 0xd7, 0x13, 0xb3, 0xe0, 0x29, 0x93, 0x66, 0x0a, 0x4b, 0x88, 0x63,
0xac, 0x14, 0x5f, 0x9b, 0x1c, 0xf4, 0xe3, 0xe7, 0xeb, 0xac, 0x2d, 0xe3, 0x08, 0x7d, 0xcf, 0xce,
0x12, 0xf0, 0xcd, 0x68, 0x6e, 0xe2, 0x06, 0x16, 0x38, 0x17, 0x93, 0xbc, 0xf9, 0xfe, 0x8e, 0xb2,
0x14, 0x99, 0x76, 0x82, 0xf7, 0xc2, 0x93, 0x46, 0x95, 0xd7, 0x81, 0x03, 0x16, 0xae, 0xfc, 0x39,
0xb0, 0x26, 0xd1, 0x74, 0x73, 0x82, 0x21, 0xdb, 0x74, 0x48, 0xd7, 0xc2, 0xae, 0x73, 0x2d, 0x81,
0x84, 0x61, 0x6d, 0x1d, 0x8a, 0xb4, 0x9d, 0xb3, 0x2a, 0xa7, 0x9b, 0x08, 0x89, 0x2a, 0x96, 0x98,
0xc1, 0x64, 0xf2, 0x10, 0x8b, 0x8d, 0xaa, 0xbe, 0x0d, 0x37, 0xaa, 0x42, 0x94, 0x9f, 0xae, 0x18,
0x64, 0xcd, 0x77, 0x24, 0x41, 0xc8, 0x6a, 0xbc, 0x80, 0x7f, 0xd8, 0x1f, 0x94, 0x29, 0xe7, 0x38,
0xb8, 0x7f, 0x90, 0x54, 0xe4, 0xb6, 0xb8, 0x30, 0x7f, 0x40, 0xeb, 0x60, 0x6c, 0x6a, 0x07, 0x36,
0x5b, 0xfc, 0x09, 0x72, 0xff, 0x02, 0x96, 0xce, 0xd6, 0xdc, 0x07, 0x80, 0x25, 0x70, 0x6f, 0x9e,
0x63, 0xac, 0x97, 0x1d, 0x3d, 0x3a, 0x26, 0x83, 0xc8, 0xe3, 0x99, 0xa8, 0x10, 0xf4, 0x68, 0xf4,
0xf3, 0x8c, 0x38, 0x8d, 0xd2, 0x13, 0xd5, 0x95, 0xce, 0x80, 0x1e, 0xcf, 0x14, 0xb8, 0x16, 0x64,
0x28, 0xf1, 0x40, 0xd9, 0xa0, 0x24, 0x13, 0x84, 0x3b, 0x8b, 0x92, 0x73, 0x67, 0x77, 0x93, 0xfe,
0x07, 0x67, 0x7d, 0xcf, 0x7f, 0x9e, 0x7b, 0x74, 0x6a, 0x07, 0xb8, 0x1f, 0xdc, 0xa6, 0xdd, 0xbb,
0x63, 0xc8, 0x5d, 0xde, 0x48, 0x93, 0x34, 0xf3, 0x3b, 0xa6, 0x4d, 0x08, 0xdf, 0xd4, 0x40, 0x55,
0x0c, 0x85, 0x6c, 0xda, 0x41, 0xc2, 0xd5, 0x4f, 0x08, 0xfc, 0x87, 0x43, 0x22, 0x42, 0x59, 0x53,
0xbe, 0x21, 0xe4, 0x09, 0xcc, 0x6a, 0xa2, 0x50, 0x6e, 0x2d, 0x9a, 0x61, 0xdc, 0x36, 0xd0, 0x51,
0xab, 0xdb, 0x24, 0xad, 0x37, 0xe5, 0x47, 0x93, 0xcd, 0x74, 0x94, 0x17, 0x71, 0x8f, 0xc1, 0xca,
0x3f, 0xfa, 0x4f, 0xd8, 0xb5, 0xbb, 0xb6, 0xf3, 0xab, 0x7d, 0xa6, 0x65, 0x24, 0x42, 0x2a, 0x4b,
0x3a, 0xbb, 0x7c, 0xcf, 0x1e, 0x32, 0x12, 0xf4, 0xe1, 0x90, 0xb3, 0x50, 0xb1, 0xfc, 0x7c, 0x6b,
0x91, 0x06, 0x18, 0x02, 0x33, 0x83, 0x4b, 0x20, 0x75, 0xf5, 0xad, 0x37, 0x5d, 0xb8, 0xc2, 0xb5,
0x23, 0x28, 0x32, 0x50, 0x36, 0xd8, 0x6d, 0x65, 0x98, 0xca, 0x58, 0x51, 0x91, 0x72, 0x3b, 0x42,
0xd5, 0xcd, 0x09, 0x1e, 0xcf, 0x8c, 0x88, 0x4c, 0xf4, 0x4d, 0x31, 0x0b, 0xd3, 0x81, 0xe8, 0x28,
0x2b, 0xf6, 0x6d, 0x70, 0x34, 0x0f, 0x7e, 0x8d, 0xfc, 0x03, 0xc4, 0x8c, 0xf2, 0xc5, 0x6c, 0xbd,
0xf8, 0x14, 0xec, 0x2b, 0x0a, 0xb7, 0x7e, 0x8b, 0xcf, 0xb5, 0x58, 0xa5, 0x4d, 0x34, 0x61, 0x58,
0xa3, 0xfd, 0x72, 0x4e, 0x20, 0xbe, 0x96, 0xc4, 0x6c, 0xec, 0x1f, 0xb6, 0x0c, 0x15, 0xbc, 0x71,
0x30, 0xa1, 0x57, 0x13, 0x85, 0x5c, 0xf3, 0x36, 0x42, 0x8b, 0x22, 0x26, 0x5b, 0xfb, 0x76, 0x01,
0xf3, 0xf3, 0xff, 0xe1, 0x6b, 0xf3, 0x8c, 0x25, 0xe3, 0x60, 0xee, 0xc8, 0x8f, 0xe3, 0xdb, 0xa8,
0x6e, 0xed, 0x1e, 0x5a, 0xd4, 0xd2, 0xff, 0x28, 0xea, 0x63, 0x56, 0xc1, 0xc3, 0xee, 0x37, 0x57,
0xd7, 0x6d, 0x92, 0xf8, 0x2b, 0x9a, 0x55, 0x62, 0x7b, 0x08, 0x27, 0xde, 0x13, 0x27, 0x35, 0x30,
0x20, 0xb3, 0x43, 0x31, 0xeb, 0xf6, 0x28, 0xb4, 0x6e, 0x92, 0x82, 0x48, 0x1e, 0xbf, 0xe6, 0x3d,
0x84, 0x0d, 0x9f, 0x5f, 0x55, 0x97, 0x96, 0x26, 0x65, 0x59, 0xfa, 0x6a, 0x72, 0xc6, 0x49, 0xa5,
0x0d, 0xd0, 0x84, 0x17, 0x97, 0x56, 0x2e, 0xff, 0x82, 0x76, 0x61, 0x75, 0x9f, 0x15, 0xd2, 0x08,
0xbb, 0x24, 0xb5, 0xba, 0xaa, 0x5e, 0x20, 0xdd, 0x03, 0x4c, 0x3c, 0x54, 0xd8, 0x8f, 0x87, 0x49,
};

341
lib/TLS_UI/include/TLS_UI.h
View File

@@ -24,9 +24,16 @@
#include <WinStd/Common.h>
#include <wx/filedlg.h>
#include <wx/msgdlg.h>
#include <cryptuiapi.h>
#include <Windows.h>
#include <WinCrypt.h> // Must include after <Windows.h>
#include <list>
#include <string>
///
/// Helper class for auto-destroyable certificates used in wxWidget's item containers
@@ -51,22 +58,22 @@ class wxFQDNListValidator;
///
/// EAPTLS credential panel
///
class wxEAPTLSCredentialsPanel;
template <class _Tprov> class wxEAPTLSCredentialsPanel;
///
/// EAPTLS server trust configuration panel
///
class wxEAPTLSServerTrustPanel;
template <class _Tprov> class wxEAPTLSServerTrustPanel;
///
/// TLS credentials configuration panel
///
typedef wxEAPCredentialsConfigPanel<eap::config_tls, eap::credentials_tls, wxEAPTLSCredentialsPanel> wxEAPTLSCredentialsConfigPanel;
template <class _Tprov> class wxEAPTLSCredentialsConfigPanel;
///
/// EAPTLS configuration panel
///
class wxEAPTLSConfigPanel;
template <class _Tprov> class wxEAPTLSConfigPanel;
namespace eap
{
@@ -249,19 +256,98 @@ protected:
};
class wxEAPTLSCredentialsPanel : public wxCredentialsPanel<wxEAPTLSCredentialsPanelBase, eap::credentials_tls>
template <class _Tprov>
class wxEAPTLSCredentialsPanel : public wxCredentialsPanel<eap::credentials_tls, wxEAPTLSCredentialsPanelBase>
{
public:
///
/// Constructs a configuration panel
///
wxEAPTLSCredentialsPanel(eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false);
wxEAPTLSCredentialsPanel(_Tprov &prov, eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false) :
wxCredentialsPanel<eap::credentials_tls, wxEAPTLSCredentialsPanelBase>(cred, pszCredTarget, parent, is_config)
{
UNREFERENCED_PARAMETER(prov);
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_credentials_icon, m_icon, m_shell32, MAKEINTRESOURCE(269));
}
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
virtual void OnCertSelect(wxCommandEvent& event);
virtual bool TransferDataToWindow()
{
// Populate certificate list.
bool is_found = false;
winstd::cert_store store;
if (store.create(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))) {
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(store, cert)) != NULL;) {
DWORD dwKeySpec = 0, dwSize = sizeof(dwKeySpec);
if (!CertGetCertificateContextProperty(cert, CERT_KEY_SPEC_PROP_ID, &dwKeySpec, &dwSize) || !dwKeySpec) {
// Skip certificates without private key.
continue;
}
// Prepare certificate information.
std::unique_ptr<wxCertificateClientData> data(new wxCertificateClientData(CertDuplicateCertificateContext(cert)));
// Add to list.
bool is_selected =
m_cred.m_cert &&
m_cred.m_cert->cbCertEncoded == data->m_cert->cbCertEncoded &&
memcmp(m_cred.m_cert->pbCertEncoded, data->m_cert->pbCertEncoded, m_cred.m_cert->cbCertEncoded) == 0;
winstd::tstring name;
eap::get_cert_title(cert, name);
int i = m_cert_select_val->Append(name, data.release());
if (is_selected) {
m_cert_select_val->SetSelection(i);
is_found = true;
}
}
}
if (is_found) {
m_cert_select ->SetValue(true);
m_cert_select_val->Enable(true);
} else {
m_cert_none ->SetValue(true);
m_cert_select_val->Enable(false);
if (!m_cert_select_val->IsEmpty())
m_cert_select_val->SetSelection(0);
}
return __super::TransferDataToWindow();
}
virtual bool TransferDataFromWindow()
{
if (m_cert_none->GetValue())
m_cred.clear();
else {
const wxCertificateClientData *data = dynamic_cast<const wxCertificateClientData*>(m_cert_select_val->GetClientObject(m_cert_select_val->GetSelection()));
if (data) {
m_cred.m_cert.attach_duplicated(data->m_cert);
// Generate identity. TODO: Find which CERT_NAME_... constant returns valid identity (username@domain or DOMAIN\Username).
CertGetNameString(m_cred.m_cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, m_cred.m_identity);
} else
m_cred.clear();
}
// Inherited TransferDataFromWindow() calls m_cred.store().
// Therefore, call it only now, that m_cred is set.
return __super::TransferDataFromWindow();
}
virtual void OnCertSelect(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
m_cert_select_val->Enable(m_cert_select->GetValue());
}
/// \endcond
protected:
@@ -270,23 +356,150 @@ protected:
};
template <class _Tprov>
class wxEAPTLSServerTrustPanel : public wxEAPTLSServerTrustConfigPanelBase
{
public:
///
/// Constructs a configuration panel
///
wxEAPTLSServerTrustPanel(eap::config_tls &cfg, wxWindow* parent);
wxEAPTLSServerTrustPanel(_Tprov &prov, eap::config_tls &cfg, wxWindow* parent) :
m_prov(prov),
m_cfg(cfg),
wxEAPTLSServerTrustConfigPanelBase(parent)
{
// Load and set icon.
if (m_certmgr.load(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_server_trust_icon, m_icon, m_certmgr, MAKEINTRESOURCE(218));
// Do not use cfg.m_server_names directly, so we can decide not to store the value in case of provider-locked configuration.
// Never rely on control disabled state alone, as they can be enabled using external tool like Spy++.
m_server_names->SetValidator(wxFQDNListValidator(&m_server_names_val));
}
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
virtual void OnRootCA(wxCommandEvent& event);
virtual void OnRootCADClick(wxCommandEvent& event);
virtual void OnRootCAAddStore(wxCommandEvent& event);
virtual void OnRootCAAddFile(wxCommandEvent& event);
virtual void OnRootCARemove(wxCommandEvent& event);
virtual bool TransferDataToWindow()
{
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_root_ca_add_store->Enable(false);
m_root_ca_add_file ->Enable(false);
m_root_ca_remove ->Enable(false);
m_server_names ->Enable(false);
}
// Populate trusted CA list.
for (std::list<winstd::cert_context>::const_iterator cert = m_cfg.m_trusted_root_ca.cbegin(), cert_end = m_cfg.m_trusted_root_ca.cend(); cert != cert_end; ++cert) {
winstd::tstring name;
if (CertGetNameString(*cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name) > 0)
m_root_ca->Append(wxString(name), new wxCertificateClientData(cert->duplicate()));
}
// Set server acceptable names. The edit control will get populated by validator.
m_server_names_val = m_cfg.m_server_names;
return wxEAPTLSServerTrustConfigPanelBase::TransferDataToWindow();
}
virtual bool TransferDataFromWindow()
{
wxCHECK(wxEAPTLSServerTrustConfigPanelBase::TransferDataFromWindow(), false);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Save the data.
// Parse trusted CA list.
m_cfg.m_trusted_root_ca.clear();
for (unsigned int i = 0, i_end = m_root_ca->GetCount(); i < i_end; i++) {
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(m_root_ca->GetClientObject(i));
if (cert)
m_cfg.add_trusted_ca(cert->m_cert->dwCertEncodingType, cert->m_cert->pbCertEncoded, cert->m_cert->cbCertEncoded);
}
// Save acceptable server names.
m_cfg.m_server_names = m_server_names_val;
}
return true;
}
virtual void OnUpdateUI(wxUpdateUIEvent& event)
{
UNREFERENCED_PARAMETER(event);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Selectively enable/disable controls.
wxArrayInt selections;
m_root_ca_remove->Enable(m_root_ca->GetSelections(selections) ? true : false);
}
}
virtual void OnRootCADClick(wxCommandEvent& event)
{
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(event.GetClientObject());
if (cert)
CryptUIDlgViewContext(CERT_STORE_CERTIFICATE_CONTEXT, cert->m_cert, this->GetHWND(), NULL, 0, NULL);
}
virtual void OnRootCAAddStore(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
winstd::cert_store store;
if (store.create(NULL, _T("ROOT"))) {
winstd::cert_context cert;
cert.attach(CryptUIDlgSelectCertificateFromStore(store, this->GetHWND(), NULL, NULL, 0, 0, NULL));
if (cert)
AddRootCA(cert);
}
}
virtual void OnRootCAAddFile(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
const wxString separator(wxT("|"));
wxFileDialog open_dialog(this, _("Add Certificate"), wxEmptyString, wxEmptyString,
_("Certificate Files (*.cer;*.crt;*.der;*.p7b;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.p7b;*.pem") + separator +
_("X.509 Certificate Files (*.cer;*.crt;*.der;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.pem") + separator +
_("PKCS #7 Certificate Files (*.p7b)") + separator + wxT("*.p7b") + separator +
_("All Files (*.*)") + separator + wxT("*.*"),
wxFD_OPEN|wxFD_FILE_MUST_EXIST|wxFD_MULTIPLE);
if (open_dialog.ShowModal() == wxID_CANCEL) {
event.Skip();
return;
}
wxArrayString paths;
open_dialog.GetPaths(paths);
for (size_t i = 0, i_end = paths.GetCount(); i < i_end; i++) {
// Load certificate(s) from file.
winstd::cert_store cs;
if (cs.create(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, (LPCTSTR)(paths[i]))) {
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(cs, cert)) != NULL;)
AddRootCA(cert);
} else
wxMessageBox(wxString::Format(_("Invalid or unsupported certificate file %s"), paths[i]), _("Error"), wxOK | wxICON_EXCLAMATION, this);
}
}
virtual void OnRootCARemove(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
wxArrayInt selections;
for (int i = m_root_ca->GetSelections(selections); i--; )
m_root_ca->Delete(selections[i]);
}
/// \endcond
///
@@ -298,34 +511,110 @@ protected:
/// - \c true if certificate was added;
/// - \c false if duplicate found or an error occured.
///
bool AddRootCA(PCCERT_CONTEXT cert);
bool AddRootCA(PCCERT_CONTEXT cert)
{
for (unsigned int i = 0, i_end = m_root_ca->GetCount(); i < i_end; i++) {
wxCertificateClientData *c = dynamic_cast<wxCertificateClientData*>(m_root_ca->GetClientObject(i));
if (c && c->m_cert &&
c->m_cert->cbCertEncoded == cert->cbCertEncoded &&
memcmp(c->m_cert->pbCertEncoded, cert->pbCertEncoded, cert->cbCertEncoded) == 0)
{
// This certificate is already on the list.
m_root_ca->SetSelection(i);
return false;
}
}
// Add certificate to the list.
winstd::tstring name;
if (CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name) > 0) {
int i = m_root_ca->Append(wxString(name), new wxCertificateClientData(CertDuplicateCertificateContext(cert)));
if (0 <= i) {
m_root_ca->SetSelection(i);
}
return true;
}
return false;
}
protected:
eap::config_tls &m_cfg; ///< TLS configuration
winstd::library m_certmgr; ///< certmgr.dll resource library reference
wxIcon m_icon; ///< Panel icon
_Tprov &m_prov; ///< EAP provider
eap::config_tls &m_cfg; ///< TLS configuration
winstd::library m_certmgr; ///< certmgr.dll resource library reference
wxIcon m_icon; ///< Panel icon
std::list<std::string> m_server_names_val; ///< Acceptable authenticating server names
};
template <class _Tprov>
class wxEAPTLSCredentialsConfigPanel : public wxEAPCredentialsConfigPanel<_Tprov, eap::config_tls, wxEAPTLSCredentialsPanel<_Tprov> >
{
public:
///
/// Constructs a credential configuration panel
///
/// \param[inout] prov Provider configuration data
/// \param[inout] cfg Configuration data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window
///
wxEAPTLSCredentialsConfigPanel(_Tprov &prov, eap::config_tls &cfg, LPCTSTR pszCredTarget, wxWindow *parent) :
wxEAPCredentialsConfigPanel<_Tprov, eap::config_tls, wxEAPTLSCredentialsPanel<_Tprov> >(prov, cfg, pszCredTarget, parent)
{
}
};
template <class _Tprov>
class wxEAPTLSConfigPanel : public wxPanel
{
public:
///
/// Constructs a configuration panel
///
wxEAPTLSConfigPanel(eap::config_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
wxEAPTLSConfigPanel(_Tprov &prov, eap::config_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent) : wxPanel(parent)
{
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
m_server_trust = new wxEAPTLSServerTrustPanel<_Tprov>(prov, cfg, this);
sb_content->Add(m_server_trust, 0, wxDOWN|wxEXPAND, 5);
m_credentials = new wxEAPTLSCredentialsConfigPanel<_Tprov>(prov, cfg, pszCredTarget, this);
sb_content->Add(m_credentials, 0, wxUP|wxEXPAND, 5);
this->SetSizer(sb_content);
this->Layout();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTLSConfigPanel::OnInitDialog));
}
///
/// Destructs the configuration panel
///
virtual ~wxEAPTLSConfigPanel();
virtual ~wxEAPTLSConfigPanel()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTLSConfigPanel::OnInitDialog));
}
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
virtual void OnInitDialog(wxInitDialogEvent& event)
{
// Forward the event to child panels.
m_server_trust->GetEventHandler()->ProcessEvent(event);
if (m_credentials)
m_credentials->GetEventHandler()->ProcessEvent(event);
}
/// \endcond
protected:
wxEAPTLSServerTrustPanel *m_server_trust; ///< Server trust configuration panel
wxEAPTLSCredentialsConfigPanel *m_credentials; ///< Credentials configuration panel
wxEAPTLSServerTrustPanel<_Tprov> *m_server_trust; ///< Server trust configuration panel
wxEAPTLSCredentialsConfigPanel<_Tprov> *m_credentials; ///< Credentials configuration panel
};

4
lib/TLS_UI/res/wxTLS_UI.cpp
View File

@@ -96,7 +96,7 @@ wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow
this->Layout();
// Connect Events
m_root_ca->Connect( wxEVT_COMMAND_LISTBOX_SELECTED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCA ), NULL, this );
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) );
m_root_ca->Connect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this );
m_root_ca_add_store->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this );
m_root_ca_add_file->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this );
@@ -106,7 +106,7 @@ wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow
wxEAPTLSServerTrustConfigPanelBase::~wxEAPTLSServerTrustConfigPanelBase()
{
// Disconnect Events
m_root_ca->Disconnect( wxEVT_COMMAND_LISTBOX_SELECTED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCA ), NULL, this );
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) );
m_root_ca->Disconnect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this );
m_root_ca_add_store->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this );
m_root_ca_add_file->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this );

4
lib/TLS_UI/res/wxTLS_UI.fbp
View File

@@ -77,7 +77,7 @@
<event name="OnRightUp"></event>
<event name="OnSetFocus"></event>
<event name="OnSize"></event>
<event name="OnUpdateUI"></event>
<event name="OnUpdateUI">OnUpdateUI</event>
<object class="wxStaticBoxSizer" expanded="1">
<property name="id">wxID_ANY</property>
<property name="label">Server Trust</property>
@@ -431,7 +431,7 @@
<event name="OnLeftDClick"></event>
<event name="OnLeftDown"></event>
<event name="OnLeftUp"></event>
<event name="OnListBox">OnRootCA</event>
<event name="OnListBox"></event>
<event name="OnListBoxDClick">OnRootCADClick</event>
<event name="OnMiddleDClick"></event>
<event name="OnMiddleDown"></event>

2
lib/TLS_UI/res/wxTLS_UI.h
View File

@@ -53,7 +53,7 @@ class wxEAPTLSServerTrustConfigPanelBase : public wxPanel
wxStaticText* m_server_names_note;
// Virtual event handlers, overide them in your derived class
virtual void OnRootCA( wxCommandEvent& event ) { event.Skip(); }
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
virtual void OnRootCADClick( wxCommandEvent& event ) { event.Skip(); }
virtual void OnRootCAAddStore( wxCommandEvent& event ) { event.Skip(); }
virtual void OnRootCAAddFile( wxCommandEvent& event ) { event.Skip(); }

5
lib/TLS_UI/src/StdAfx.h
View File

@@ -25,8 +25,3 @@
#include "../../../include/Version.h"
#include "../include/TLS_UI.h"
#include <wx/filedlg.h>
#include <wx/msgdlg.h>
#include <cryptuiapi.h>

277
lib/TLS_UI/src/TLS_UI.cpp
View File

@@ -332,7 +332,7 @@ bool wxFQDNListValidator::Parse(const wxString &val_in, size_t i_start, size_t i
// Skip trailing white-space.
for (; i < i_end && _istspace(buf[i_end - 1]); i_end--);
if (wxHostNameValidator::Parse(val_in, i, i_end, ctrl, parent, fqdn)) {
if (wxFQDNValidator::Parse(val_in, i, i_end, ctrl, parent, fqdn)) {
// The rest of the FQDN list parsed succesfully.
if (fqdn && !fqdn->empty()) _val_out.push_back(std::move(*fqdn));
if (val_out) *val_out = std::move(_val_out);
@@ -342,278 +342,3 @@ bool wxFQDNListValidator::Parse(const wxString &val_in, size_t i_start, size_t i
}
}
}
//////////////////////////////////////////////////////////////////////
// wxEAPTLSCredentialsPanel
//////////////////////////////////////////////////////////////////////
wxEAPTLSCredentialsPanel::wxEAPTLSCredentialsPanel(eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config) :
wxCredentialsPanel<wxEAPTLSCredentialsPanelBase, eap::credentials_tls>(cred, pszCredTarget, parent, is_config)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_credentials_icon, m_icon, m_shell32, MAKEINTRESOURCE(269));
}
bool wxEAPTLSCredentialsPanel::TransferDataToWindow()
{
wxCHECK(__super::TransferDataToWindow(), false);
// Populate certificate list.
bool is_found = false;
winstd::cert_store store;
if (store.create(CERT_STORE_PROV_SYSTEM, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, (HCRYPTPROV)NULL, CERT_SYSTEM_STORE_CURRENT_USER, _T("My"))) {
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(store, cert)) != NULL;) {
DWORD dwKeySpec = 0, dwSize = sizeof(dwKeySpec);
if (!CertGetCertificateContextProperty(cert, CERT_KEY_SPEC_PROP_ID, &dwKeySpec, &dwSize) || !dwKeySpec) {
// Skip certificates without private key.
continue;
}
// Prepare certificate information.
std::unique_ptr<wxCertificateClientData> data(new wxCertificateClientData(CertDuplicateCertificateContext(cert)));
// Add to list.
bool is_selected =
m_cred.m_cert &&
m_cred.m_cert->cbCertEncoded == data->m_cert->cbCertEncoded &&
memcmp(m_cred.m_cert->pbCertEncoded, data->m_cert->pbCertEncoded, m_cred.m_cert->cbCertEncoded) == 0;
winstd::tstring name;
eap::get_cert_title(cert, name);
int i = m_cert_select_val->Append(name, data.release());
if (is_selected) {
m_cert_select_val->SetSelection(i);
is_found = true;
}
}
}
if (is_found) {
m_cert_select ->SetValue(true);
m_cert_select_val->Enable(true);
} else {
m_cert_none ->SetValue(true);
m_cert_select_val->Enable(false);
if (!m_cert_select_val->IsEmpty())
m_cert_select_val->SetSelection(0);
}
return true;
}
bool wxEAPTLSCredentialsPanel::TransferDataFromWindow()
{
if (m_cert_none->GetValue())
m_cred.clear();
else {
const wxCertificateClientData *data = dynamic_cast<const wxCertificateClientData*>(m_cert_select_val->GetClientObject(m_cert_select_val->GetSelection()));
if (data) {
m_cred.m_cert.attach_duplicated(data->m_cert);
// Generate identity. TODO: Find which CERT_NAME_... constant returns valid identity (username@domain or DOMAIN\Username).
CertGetNameString(m_cred.m_cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, m_cred.m_identity);
} else
m_cred.clear();
}
return __super::TransferDataFromWindow();
}
void wxEAPTLSCredentialsPanel::OnCertSelect(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
m_cert_select_val->Enable(m_cert_select->GetValue());
}
//////////////////////////////////////////////////////////////////////
// wxEAPTLSServerTrustPanel
//////////////////////////////////////////////////////////////////////
wxEAPTLSServerTrustPanel::wxEAPTLSServerTrustPanel(eap::config_tls &cfg, wxWindow* parent) :
m_cfg(cfg),
wxEAPTLSServerTrustConfigPanelBase(parent)
{
// Load and set icon.
if (m_certmgr.load(_T("certmgr.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_server_trust_icon, m_icon, m_certmgr, MAKEINTRESOURCE(218));
m_server_names->SetValidator(wxFQDNListValidator(&(m_cfg.m_server_names)));
}
bool wxEAPTLSServerTrustPanel::TransferDataToWindow()
{
wxCHECK(wxEAPTLSServerTrustConfigPanelBase::TransferDataToWindow(), false);
// Populate trusted CA list.
for (std::list<winstd::cert_context>::const_iterator cert = m_cfg.m_trusted_root_ca.cbegin(), cert_end = m_cfg.m_trusted_root_ca.cend(); cert != cert_end; ++cert) {
winstd::tstring name;
if (CertGetNameString(*cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name) > 0)
m_root_ca->Append(wxString(name), new wxCertificateClientData(cert->duplicate()));
}
return true;
}
bool wxEAPTLSServerTrustPanel::TransferDataFromWindow()
{
// Parse trusted CA list.
m_cfg.m_trusted_root_ca.clear();
for (unsigned int i = 0, i_end = m_root_ca->GetCount(); i < i_end; i++) {
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(m_root_ca->GetClientObject(i));
if (cert)
m_cfg.add_trusted_ca(cert->m_cert->dwCertEncodingType, cert->m_cert->pbCertEncoded, cert->m_cert->cbCertEncoded);
}
return wxEAPTLSServerTrustConfigPanelBase::TransferDataFromWindow();
}
void wxEAPTLSServerTrustPanel::OnRootCA(wxCommandEvent& event)
{
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(event.GetClientObject());
m_root_ca_remove->Enable(cert ? true : false);
}
void wxEAPTLSServerTrustPanel::OnRootCADClick(wxCommandEvent& event)
{
wxCertificateClientData *cert = dynamic_cast<wxCertificateClientData*>(event.GetClientObject());
if (cert)
CryptUIDlgViewContext(CERT_STORE_CERTIFICATE_CONTEXT, cert->m_cert, this->GetHWND(), NULL, 0, NULL);
}
void wxEAPTLSServerTrustPanel::OnRootCAAddStore(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
winstd::cert_store store;
if (store.create(NULL, _T("ROOT"))) {
winstd::cert_context cert;
cert.attach(CryptUIDlgSelectCertificateFromStore(store, this->GetHWND(), NULL, NULL, 0, 0, NULL));
if (cert)
AddRootCA(cert);
}
}
void wxEAPTLSServerTrustPanel::OnRootCAAddFile(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
const wxString separator(wxT("|"));
wxFileDialog open_dialog(this, _("Add Certificate"), wxEmptyString, wxEmptyString,
_("Certificate Files (*.cer;*.crt;*.der;*.p7b;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.p7b;*.pem") + separator +
_("X.509 Certificate Files (*.cer;*.crt;*.der;*.pem)") + separator + wxT("*.cer;*.crt;*.der;*.pem") + separator +
_("PKCS #7 Certificate Files (*.p7b)") + separator + wxT("*.p7b") + separator +
_("All Files (*.*)") + separator + wxT("*.*"),
wxFD_OPEN|wxFD_FILE_MUST_EXIST|wxFD_MULTIPLE);
if (open_dialog.ShowModal() == wxID_CANCEL) {
event.Skip();
return;
}
wxArrayString paths;
open_dialog.GetPaths(paths);
for (size_t i = 0, i_end = paths.GetCount(); i < i_end; i++) {
// Load certificate(s) from file.
winstd::cert_store cs;
if (cs.create(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, NULL, CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, (LPCTSTR)(paths[i]))) {
for (PCCERT_CONTEXT cert = NULL; (cert = CertEnumCertificatesInStore(cs, cert)) != NULL;)
AddRootCA(cert);
} else
wxMessageBox(wxString::Format(_("Invalid or unsupported certificate file %s"), paths[i]), _("Error"), wxOK | wxICON_EXCLAMATION, this);
}
}
void wxEAPTLSServerTrustPanel::OnRootCARemove(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
wxArrayInt selections;
for (int i = m_root_ca->GetSelections(selections); i--; )
m_root_ca->Delete(selections[i]);
m_root_ca_remove->Enable(false);
}
bool wxEAPTLSServerTrustPanel::AddRootCA(PCCERT_CONTEXT cert)
{
for (unsigned int i = 0, i_end = m_root_ca->GetCount(); i < i_end; i++) {
wxCertificateClientData *c = dynamic_cast<wxCertificateClientData*>(m_root_ca->GetClientObject(i));
if (c && c->m_cert &&
c->m_cert->cbCertEncoded == cert->cbCertEncoded &&
memcmp(c->m_cert->pbCertEncoded, cert->pbCertEncoded, cert->cbCertEncoded) == 0)
{
// This certificate is already on the list.
m_root_ca->SetSelection(i);
m_root_ca_remove->Enable();
return false;
}
}
// Add certificate to the list.
winstd::tstring name;
if (CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name) > 0) {
int i = m_root_ca->Append(wxString(name), new wxCertificateClientData(CertDuplicateCertificateContext(cert)));
if (0 <= i) {
m_root_ca->SetSelection(i);
m_root_ca_remove->Enable();
}
return true;
}
return false;
}
//////////////////////////////////////////////////////////////////////
// wxEAPTLSConfigPanel
//////////////////////////////////////////////////////////////////////
wxEAPTLSConfigPanel::wxEAPTLSConfigPanel(eap::config_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent) : wxPanel(parent)
{
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
m_server_trust = new wxEAPTLSServerTrustPanel(cfg, this);
if (cfg.m_allow_save) {
sb_content->Add(m_server_trust, 0, wxDOWN|wxEXPAND, 5);
m_credentials = new wxEAPTLSCredentialsConfigPanel(cfg, pszCredTarget, this);
sb_content->Add(m_credentials, 0, wxUP|wxEXPAND, 5);
} else {
sb_content->Add(m_server_trust, 0, wxEXPAND, 5);
m_credentials = NULL;
}
this->SetSizer(sb_content);
this->Layout();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTLSConfigPanel::OnInitDialog));
}
wxEAPTLSConfigPanel::~wxEAPTLSConfigPanel()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTLSConfigPanel::OnInitDialog));
}
void wxEAPTLSConfigPanel::OnInitDialog(wxInitDialogEvent& event)
{
// Forward the event to child panels.
m_server_trust->GetEventHandler()->ProcessEvent(event);
if (m_credentials)
m_credentials->GetEventHandler()->ProcessEvent(event);
}

36
lib/TTLS/include/Module.h
View File

@@ -35,7 +35,7 @@ namespace eap
namespace eap
{
class peer_ttls : public peer<eap::config_ttls, eap::credentials_ttls, int, int>
class peer_ttls : public peer<config_ttls, credentials_ttls, int, int>
{
public:
///
@@ -75,17 +75,13 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ DWORD *pdwUserDataOutSize,
_Out_ BYTE **ppUserDataOut,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError);
_In_ DWORD dwFlags,
_In_ const config_type &cfg,
_Inout_ identity_type &usr,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError);
///
/// Defines the implementation of an EAP method-specific function that retrieves the properties of an EAP method given the connection and user data.
@@ -97,14 +93,12 @@ namespace eap
/// - \c false otherwise. See \p ppEapError for details.
///
virtual bool get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ DWORD dwEapConnDataSize,
_In_count_(dwEapConnDataSize) const BYTE *pEapConnData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const;
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ const config_type &cfg,
_In_ const identity_type &usr,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const;
};
}

2
lib/TTLS/include/Session.h
View File

@@ -33,7 +33,7 @@ namespace eap
namespace eap
{
class session_ttls : public session
class session_ttls : public session<config_ttls, credentials_ttls, int, int>
{
public:
///

10
lib/TTLS/src/Config.cpp
View File

@@ -99,14 +99,14 @@ bool eap::config_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfi
// <InnerAuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."));
return false;
}
if (dynamic_cast<const config_pap*>(m_inner)) {
// <InnerAuthenticationMethod>/<NonEAPAuthMethod>
if ((dwResult = eapxml::put_element_value(pDoc, pXmlElInnerAuthenticationMethod, bstr(L"NonEAPAuthMethod"), bstrNamespace, bstr(L"PAP"))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <NonEAPAuthMethod> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <NonEAPAuthMethod> element."));
return false;
}
@@ -114,7 +114,7 @@ bool eap::config_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfi
if (!m_inner->save(pDoc, pXmlElInnerAuthenticationMethod, ppEapError))
return false;
} else {
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Unsupported inner authentication method."), NULL);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported inner authentication method."));
return false;
}
@@ -133,7 +133,7 @@ bool eap::config_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppE
// Load inner authentication configuration (<InnerAuthenticationMethod>).
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
return false;
}
@@ -155,7 +155,7 @@ bool eap::config_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppE
if (!m_inner->load(pXmlElInnerAuthenticationMethod, ppEapError))
return false;
} else {
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Unsupported inner authentication method."), NULL);
*ppEapError = m_module.make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Unsupported inner authentication method."));
return false;
}

6
lib/TTLS/src/Credentials.cpp
View File

@@ -108,7 +108,7 @@ bool eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
// <InnerAuthenticationMethod>
winstd::com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::create_element(pDoc, winstd::bstr(L"InnerAuthenticationMethod"), bstrNamespace, &pXmlElInnerAuthenticationMethod))) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."), NULL);
*ppEapError = m_module.make_error(dwResult, _T(__FUNCTION__) _T(" Error creating <InnerAuthenticationMethod> element."));
return false;
}
@@ -116,7 +116,7 @@ bool eap::credentials_ttls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *p
return false;
if (FAILED(hr = pConfigRoot->appendChild(pXmlElInnerAuthenticationMethod, NULL))) {
*ppEapError = m_module.make_error(HRESULT_CODE(hr), 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error appending <InnerAuthenticationMethod> element."), NULL);
*ppEapError = m_module.make_error(HRESULT_CODE(hr), _T(__FUNCTION__) _T(" Error appending <InnerAuthenticationMethod> element."));
return false;
}
}
@@ -136,7 +136,7 @@ bool eap::credentials_ttls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR
if (m_inner) {
com_obj<IXMLDOMNode> pXmlElInnerAuthenticationMethod;
if ((dwResult = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), &pXmlElInnerAuthenticationMethod)) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), NULL);
*ppEapError = m_module.make_error(ERROR_NOT_FOUND, _T(__FUNCTION__) _T(" Error selecting <InnerAuthenticationMethod> element."), _T("Please make sure profile XML is a valid ") _T(PRODUCT_NAME_STR) _T(" profile XML document."));
return false;
}

52
lib/TTLS/src/Module.cpp
View File

@@ -59,56 +59,44 @@ bool eap::peer_ttls::shutdown(_Out_ EAP_ERROR **ppEapError)
bool eap::peer_ttls::get_identity(
_In_ DWORD dwFlags,
_In_ DWORD dwConnectionDataSize,
_In_count_(dwConnectionDataSize) const BYTE *pConnectionData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ DWORD *pdwUserDataOutSize,
_Out_ BYTE **ppUserDataOut,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError)
_In_ DWORD dwFlags,
_In_ const config_type &cfg,
_Inout_ identity_type &usr,
_In_ HANDLE hTokenImpersonateUser,
_Out_ BOOL *pfInvokeUI,
_Out_ WCHAR **ppwszIdentity,
_Out_ EAP_ERROR **ppEapError)
{
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(dwConnectionDataSize);
UNREFERENCED_PARAMETER(pConnectionData);
UNREFERENCED_PARAMETER(dwUserDataSize);
UNREFERENCED_PARAMETER(pUserData);
UNREFERENCED_PARAMETER(cfg);
UNREFERENCED_PARAMETER(usr);
UNREFERENCED_PARAMETER(hTokenImpersonateUser);
UNREFERENCED_PARAMETER(pfInvokeUI);
UNREFERENCED_PARAMETER(pdwUserDataOutSize);
UNREFERENCED_PARAMETER(ppUserDataOut);
UNREFERENCED_PARAMETER(ppwszIdentity);
UNREFERENCED_PARAMETER(ppEapError);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}
bool eap::peer_ttls::get_method_properties(
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ DWORD dwEapConnDataSize,
_In_count_(dwEapConnDataSize) const BYTE *pEapConnData,
_In_ DWORD dwUserDataSize,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const
_In_ DWORD dwVersion,
_In_ DWORD dwFlags,
_In_ HANDLE hUserImpersonationToken,
_In_ const config_type &cfg,
_In_ const identity_type &usr,
_Out_ EAP_METHOD_PROPERTY_ARRAY *pMethodPropertyArray,
_Out_ EAP_ERROR **ppEapError) const
{
UNREFERENCED_PARAMETER(dwVersion);
UNREFERENCED_PARAMETER(dwFlags);
UNREFERENCED_PARAMETER(hUserImpersonationToken);
UNREFERENCED_PARAMETER(dwEapConnDataSize);
UNREFERENCED_PARAMETER(pEapConnData);
UNREFERENCED_PARAMETER(dwUserDataSize);
UNREFERENCED_PARAMETER(pUserData);
UNREFERENCED_PARAMETER(cfg);
UNREFERENCED_PARAMETER(usr);
UNREFERENCED_PARAMETER(pMethodPropertyArray);
UNREFERENCED_PARAMETER(ppEapError);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Not supported."), NULL);
*ppEapError = make_error(ERROR_NOT_SUPPORTED, _T(__FUNCTION__) _T(" Not supported."));
return false;
}

10
lib/TTLS/src/Session.cpp
View File

@@ -28,19 +28,19 @@ using namespace winstd;
// eap::session_ttls
//////////////////////////////////////////////////////////////////////
eap::session_ttls::session_ttls(_In_ module &mod) : session(mod)
eap::session_ttls::session_ttls(_In_ module &mod) : session<config_ttls, credentials_ttls, int, int>(mod)
{
}
eap::session_ttls::session_ttls(_In_ const session_ttls &other) :
session(other)
session<config_ttls, credentials_ttls, int, int>(other)
{
}
eap::session_ttls::session_ttls(_Inout_ session_ttls &&other) :
session(std::move(other))
session<config_ttls, credentials_ttls, int, int>(std::move(other))
{
}
@@ -48,7 +48,7 @@ eap::session_ttls::session_ttls(_Inout_ session_ttls &&other) :
eap::session_ttls& eap::session_ttls::operator=(_In_ const session_ttls &other)
{
if (this != &other)
(session&)*this = other;
(session<config_ttls, credentials_ttls, int, int>&)*this = other;
return *this;
}
@@ -57,7 +57,7 @@ eap::session_ttls& eap::session_ttls::operator=(_In_ const session_ttls &other)
eap::session_ttls& eap::session_ttls::operator=(_Inout_ session_ttls &&other)
{
if (this != &other)
(session&)*this = std::move(other);
(session<config_ttls, credentials_ttls, int, int>&)*this = std::move(other);
return *this;
}

1
lib/TTLS_UI/build/TTLS_UI.vcxproj
View File

@@ -87,7 +87,6 @@
<ItemGroup>
<ClCompile Include="..\res\wxTTLS_UI.cpp" />
<ClCompile Include="..\src\Module.cpp" />
<ClCompile Include="..\src\TTLS_UI.cpp" />
<ClCompile Include="..\src\StdAfx.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>

3
lib/TTLS_UI/build/TTLS_UI.vcxproj.filters
View File

@@ -32,9 +32,6 @@
<ClCompile Include="..\src\StdAfx.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\TTLS_UI.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\res\wxTTLS_UI.cpp">
<Filter>Source Files</Filter>
</ClCompile>

198
lib/TTLS_UI/include/TTLS_UI.h
View File

@@ -21,12 +21,12 @@
///
/// EAPTTLS configuration panel
///
class wxEAPTTLSConfigPanel;
template <class _Tprov> class wxEAPTTLSConfigPanel;
///
/// EAPTTLS configuration
///
class wxEAPTTLSConfig;
template <class _Tprov> class wxEAPTTLSConfig;
#pragma once
@@ -46,28 +46,89 @@ class wxEAPTTLSConfig;
#include <Windows.h>
template <class _Tprov>
class wxEAPTTLSConfigPanel : public wxEAPTTLSConfigPanelBase
{
public:
///
/// Constructs a configuration panel
///
wxEAPTTLSConfigPanel(eap::config_ttls &cfg, wxWindow* parent);
wxEAPTTLSConfigPanel(_Tprov &prov, eap::config_ttls &cfg, wxWindow* parent) :
m_prov(prov),
m_cfg(cfg),
wxEAPTTLSConfigPanelBase(parent)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_outer_identity_icon, m_icon, m_shell32, MAKEINTRESOURCE(265));
}
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
virtual void OnOuterIdentityCustom(wxCommandEvent& event);
virtual bool TransferDataToWindow()
{
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_outer_identity_same ->Enable(false);
m_outer_identity_empty ->Enable(false);
m_outer_identity_custom ->Enable(false);
m_outer_identity_custom_val->Enable(false);
}
// Populate identity controls.
if (m_cfg.m_anonymous_identity.empty()) {
m_outer_identity_same->SetValue(true);
} else if (m_cfg.m_anonymous_identity == L"@") {
m_outer_identity_empty->SetValue(true);
} else {
m_outer_identity_custom->SetValue(true);
m_outer_identity_custom_val->SetValue(m_cfg.m_anonymous_identity);
}
return wxEAPTTLSConfigPanelBase::TransferDataToWindow();
}
virtual bool TransferDataFromWindow()
{
wxCHECK(wxEAPTTLSConfigPanelBase::TransferDataFromWindow(), false);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Save the data.
if (m_outer_identity_same->GetValue())
m_cfg.m_anonymous_identity.clear();
else if (m_outer_identity_empty->GetValue())
m_cfg.m_anonymous_identity = L"@";
else
m_cfg.m_anonymous_identity = m_outer_identity_custom_val->GetValue();
}
return true;
}
virtual void OnUpdateUI(wxUpdateUIEvent& event)
{
UNREFERENCED_PARAMETER(event);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Selectively enable/disable controls.
m_outer_identity_custom_val->Enable(m_outer_identity_custom->GetValue());
}
}
/// \endcond
protected:
eap::config_ttls &m_cfg; ///< TLS configuration
_Tprov &m_prov; ///< EAP provider
eap::config_ttls &m_cfg; ///< TTLS configuration
winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon
};
template <class _Tprov>
class wxEAPTTLSConfig : public wxScrolledWindow
{
public:
@@ -78,25 +139,134 @@ public:
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window
///
wxEAPTTLSConfig(eap::config_ttls &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
wxEAPTTLSConfig(_Tprov &prov, eap::config_ttls &cfg, LPCTSTR pszCredTarget, wxWindow* parent) :
m_prov(prov),
m_cfg(cfg),
m_cfg_pap(cfg.m_module),
wxScrolledWindow(parent, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxVSCROLL)
{
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
if (prov.m_read_only)
sb_content->Add(new wxEAPProviderLocked<_Tprov>(prov, this), 0, wxALL|wxEXPAND, 5);
m_inner_title = new wxStaticText(this, wxID_ANY, _("Inner Authentication"), wxDefaultPosition, wxDefaultSize, 0);
m_inner_title->SetFont(wxFont(18, wxFONTFAMILY_DEFAULT, wxFONTSTYLE_NORMAL, wxFONTWEIGHT_NORMAL, false, wxEmptyString));
m_inner_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INACTIVECAPTION ) );
sb_content->Add(m_inner_title, 0, wxALL|wxALIGN_RIGHT, 5);
m_inner_type = new wxChoicebook(this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxCHB_DEFAULT);
m_inner_type->SetToolTip( _("Select inner authentication method from the list") );
m_inner_type->AddPage(new wxPAPConfigPanel<_Tprov>(prov, m_cfg_pap, pszCredTarget, m_inner_type), _("PAP"));
sb_content->Add(m_inner_type, 0, wxALL|wxEXPAND, 5);
sb_content->Add(20, 20, 1, wxALL|wxEXPAND, 5);
m_outer_title = new wxStaticText(this, wxID_ANY, _("Outer Authentication"), wxDefaultPosition, wxDefaultSize, 0);
m_outer_title->SetFont(wxFont(18, wxFONTFAMILY_DEFAULT, wxFONTSTYLE_NORMAL, wxFONTWEIGHT_NORMAL, false, wxEmptyString));
m_outer_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INACTIVECAPTION ) );
sb_content->Add(m_outer_title, 0, wxALL|wxALIGN_RIGHT, 5);
m_outer_identity = new wxEAPTTLSConfigPanel<_Tprov>(prov, m_cfg, this);
sb_content->Add(m_outer_identity, 0, wxALL|wxEXPAND, 5);
m_tls = new wxEAPTLSConfigPanel<_Tprov>(prov, m_cfg, pszCredTarget, this);
sb_content->Add(m_tls, 0, wxALL|wxEXPAND, 5);
wxSize size = sb_content->CalcMin();
if (size.y > 500) {
// Increase the width to allow space for vertical scroll bar (to prevent horizontal one) and truncate the height.
size.x += wxSystemSettings::GetMetric(wxSYS_VSCROLL_X, this);
size.y = 500;
}
this->SetMinSize(size);
this->SetScrollRate(5, 5);
this->SetSizer(sb_content);
this->Layout();
m_inner_type->SetFocusFromKbd();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTTLSConfig::OnInitDialog));
}
///
/// Destructs the configuration panel
///
virtual ~wxEAPTTLSConfig();
virtual ~wxEAPTTLSConfig()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTTLSConfig::OnInitDialog));
}
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
virtual void OnInitDialog(wxInitDialogEvent& event);
virtual bool TransferDataToWindow()
{
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_inner_type->GetChoiceCtrl()->Enable(false);
}
eap::config_pap *cfg_pap = dynamic_cast<eap::config_pap*>(m_cfg.m_inner);
if (cfg_pap) {
m_cfg_pap = *cfg_pap;
m_inner_type->SetSelection(0); // 0=PAP
} else
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
// Do not invoke inherited TransferDataToWindow(), as it will call others TransferDataToWindow().
// This will handle wxEAPTTLSConfig::OnInitDialog() via wxEVT_INIT_DIALOG forwarding.
return true /*wxScrolledWindow::TransferDataToWindow()*/;
}
virtual bool TransferDataFromWindow()
{
wxCHECK(wxScrolledWindow::TransferDataFromWindow(), false);
if (!m_prov.m_read_only) {
// This is not a provider-locked configuration. Save the data.
switch (m_inner_type->GetSelection()) {
case 0: // 0=PAP
delete m_cfg.m_inner;
m_cfg.m_inner = new eap::config_pap(m_cfg_pap);
break;
default:
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
}
}
return true;
}
virtual void OnInitDialog(wxInitDialogEvent& event)
{
// Call TransferDataToWindow() manually, as wxScrolledWindow somehow skips that.
TransferDataToWindow();
// Forward the event to child panels.
m_outer_identity->GetEventHandler()->ProcessEvent(event);
m_tls->GetEventHandler()->ProcessEvent(event);
for (wxWindowList::compatibility_iterator inner = m_inner_type->GetChildren().GetFirst(); inner; inner = inner->GetNext())
inner->GetData()->GetEventHandler()->ProcessEvent(event);
}
/// \endcond
protected:
_Tprov &m_prov; ///< EAP provider
eap::config_ttls &m_cfg; ///< TTLS configuration
wxStaticText *m_outer_title; ///< Outer authentication title
wxEAPTTLSConfigPanel *m_outer_identity; ///< Outer identity configuration panel
wxEAPTLSConfigPanel *m_tls; ///< TLS configuration panel
wxEAPTTLSConfigPanel<_Tprov> *m_outer_identity; ///< Outer identity configuration panel
wxEAPTLSConfigPanel<_Tprov> *m_tls; ///< TLS configuration panel
wxStaticText *m_inner_title; ///< Inner authentication title
wxChoicebook *m_inner_type; ///< Inner authentication type

4
lib/TTLS_UI/res/wxTTLS_UI.cpp
View File

@@ -72,12 +72,12 @@ wxEAPTTLSConfigPanelBase::wxEAPTTLSConfigPanelBase( wxWindow* parent, wxWindowID
this->Layout();
// Connect Events
m_outer_identity_custom->Connect( wxEVT_COMMAND_RADIOBUTTON_SELECTED, wxCommandEventHandler( wxEAPTTLSConfigPanelBase::OnOuterIdentityCustom ), NULL, this );
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTTLSConfigPanelBase::OnUpdateUI ) );
}
wxEAPTTLSConfigPanelBase::~wxEAPTTLSConfigPanelBase()
{
// Disconnect Events
m_outer_identity_custom->Disconnect( wxEVT_COMMAND_RADIOBUTTON_SELECTED, wxCommandEventHandler( wxEAPTTLSConfigPanelBase::OnOuterIdentityCustom ), NULL, this );
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTTLSConfigPanelBase::OnUpdateUI ) );
}

4
lib/TTLS_UI/res/wxTTLS_UI.fbp
View File

@@ -77,7 +77,7 @@
<event name="OnRightUp"></event>
<event name="OnSetFocus"></event>
<event name="OnSize"></event>
<event name="OnUpdateUI"></event>
<event name="OnUpdateUI">OnUpdateUI</event>
<object class="wxStaticBoxSizer" expanded="1">
<property name="id">wxID_ANY</property>
<property name="label">Outer Identity</property>
@@ -541,7 +541,7 @@
<event name="OnMouseEvents"></event>
<event name="OnMouseWheel"></event>
<event name="OnPaint"></event>
<event name="OnRadioButton">OnOuterIdentityCustom</event>
<event name="OnRadioButton"></event>
<event name="OnRightDClick"></event>
<event name="OnRightDown"></event>
<event name="OnRightUp"></event>

2
lib/TTLS_UI/res/wxTTLS_UI.h
View File

@@ -45,7 +45,7 @@ class wxEAPTTLSConfigPanelBase : public wxPanel
wxTextCtrl* m_outer_identity_custom_val;
// Virtual event handlers, overide them in your derived class
virtual void OnOuterIdentityCustom( wxCommandEvent& event ) { event.Skip(); }
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
public:

4
lib/TTLS_UI/src/Module.cpp
View File

@@ -50,7 +50,7 @@ bool eap::peer_ttls_ui::invoke_config_ui(
wxTopLevelWindows.Append(&parent);
// Create and launch configuration dialog.
wxEAPConfigDialog<config_ttls, wxEAPTTLSConfig> dlg(cfg, &parent);
wxEAPConfigDialog<config_ttls, wxEAPTTLSConfig<provider_config_type> > dlg(cfg, &parent);
result = dlg.ShowModal();
wxTopLevelWindows.DeleteObject(&parent);
@@ -60,7 +60,7 @@ bool eap::peer_ttls_ui::invoke_config_ui(
// Clean-up and return.
wxEntryCleanup();
if (result != wxID_OK) {
*ppEapError = make_error(ERROR_CANCELLED, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Cancelled."), NULL);
*ppEapError = make_error(ERROR_CANCELLED, _T(__FUNCTION__) _T(" Cancelled."));
return false;
}

184
lib/TTLS_UI/src/TTLS_UI.cpp
View File

@@ -1,184 +0,0 @@
/*
Copyright 2015-2016 Amebis
Copyright 2016 GÉANT
This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/
#include "StdAfx.h"
//////////////////////////////////////////////////////////////////////
// wxEAPTTLSConfigPanel
//////////////////////////////////////////////////////////////////////
wxEAPTTLSConfigPanel::wxEAPTTLSConfigPanel(eap::config_ttls &cfg, wxWindow* parent) :
m_cfg(cfg),
wxEAPTTLSConfigPanelBase(parent)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_outer_identity_icon, m_icon, m_shell32, MAKEINTRESOURCE(265));
}
bool wxEAPTTLSConfigPanel::TransferDataToWindow()
{
wxCHECK(wxEAPTTLSConfigPanelBase::TransferDataToWindow(), false);
// Populate identity controls.
if (m_cfg.m_anonymous_identity.empty()) {
m_outer_identity_same->SetValue(true);
m_outer_identity_custom_val->Enable(false);
} else if (m_cfg.m_anonymous_identity == L"@") {
m_outer_identity_empty->SetValue(true);
m_outer_identity_custom_val->Enable(false);
} else {
m_outer_identity_custom->SetValue(true);
m_outer_identity_custom_val->Enable(true);
m_outer_identity_custom_val->SetValue(m_cfg.m_anonymous_identity);
}
return true;
}
bool wxEAPTTLSConfigPanel::TransferDataFromWindow()
{
if (m_outer_identity_same->GetValue())
m_cfg.m_anonymous_identity.clear();
else if (m_outer_identity_empty->GetValue())
m_cfg.m_anonymous_identity = L"@";
else
m_cfg.m_anonymous_identity = m_outer_identity_custom_val->GetValue();
return wxEAPTTLSConfigPanelBase::TransferDataFromWindow();
}
void wxEAPTTLSConfigPanel::OnOuterIdentityCustom(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
m_outer_identity_custom_val->Enable(m_outer_identity_custom->GetValue());
}
//////////////////////////////////////////////////////////////////////
// wxEAPTTLSConfig
//////////////////////////////////////////////////////////////////////
wxEAPTTLSConfig::wxEAPTTLSConfig(eap::config_ttls &cfg, LPCTSTR pszCredTarget, wxWindow* parent) :
m_cfg(cfg),
m_cfg_pap(cfg.m_module),
wxScrolledWindow(parent, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxVSCROLL)
{
wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL );
m_inner_title = new wxStaticText(this, wxID_ANY, _("Inner Authentication"), wxDefaultPosition, wxDefaultSize, 0);
m_inner_title->SetFont(wxFont(18, wxFONTFAMILY_DEFAULT, wxFONTSTYLE_NORMAL, wxFONTWEIGHT_NORMAL, false, wxEmptyString));
m_inner_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INACTIVECAPTION ) );
sb_content->Add(m_inner_title, 0, wxALL|wxALIGN_RIGHT, 5);
m_inner_type = new wxChoicebook(this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxCHB_DEFAULT);
m_inner_type->SetToolTip( _("Select inner authentication method from the list") );
m_inner_type->AddPage(new wxPAPConfigPanel(m_cfg_pap, pszCredTarget, m_inner_type), _("PAP"));
sb_content->Add(m_inner_type, 0, wxALL|wxEXPAND, 5);
sb_content->Add(20, 20, 1, wxALL|wxEXPAND, 5);
m_outer_title = new wxStaticText(this, wxID_ANY, _("Outer Authentication"), wxDefaultPosition, wxDefaultSize, 0);
m_outer_title->SetFont(wxFont(18, wxFONTFAMILY_DEFAULT, wxFONTSTYLE_NORMAL, wxFONTWEIGHT_NORMAL, false, wxEmptyString));
m_outer_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INACTIVECAPTION ) );
sb_content->Add(m_outer_title, 0, wxALL|wxALIGN_RIGHT, 5);
m_outer_identity = new wxEAPTTLSConfigPanel(m_cfg, this);
sb_content->Add(m_outer_identity, 0, wxALL|wxEXPAND, 5);
m_tls = new wxEAPTLSConfigPanel(m_cfg, pszCredTarget, this);
sb_content->Add(m_tls, 0, wxALL|wxEXPAND, 5);
wxSize size = sb_content->CalcMin();
if (size.y > 500) {
// Increase the width to allow space for vertical scroll bar (to prevent horizontal one) and truncate the height.
size.x += wxSystemSettings::GetMetric(wxSYS_VSCROLL_X, this);
size.y = 500;
}
this->SetMinSize(size);
this->SetScrollRate(5, 5);
this->SetSizer(sb_content);
this->Layout();
m_outer_identity->SetFocusFromKbd();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTTLSConfig::OnInitDialog));
}
wxEAPTTLSConfig::~wxEAPTTLSConfig()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPTTLSConfig::OnInitDialog));
}
bool wxEAPTTLSConfig::TransferDataToWindow()
{
eap::config_pap *cfg_pap = dynamic_cast<eap::config_pap*>(m_cfg.m_inner);
if (cfg_pap) {
m_cfg_pap = *cfg_pap;
m_inner_type->SetSelection(0); // 0=PAP
} else
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
// Do not invoke inherited TransferDataToWindow(), as it will call others TransferDataToWindow().
// This will handle wxEAPTTLSConfig::OnInitDialog() via wxEVT_INIT_DIALOG forwarding.
return true /*wxScrolledWindow::TransferDataToWindow()*/;
}
bool wxEAPTTLSConfig::TransferDataFromWindow()
{
wxCHECK(wxScrolledWindow::TransferDataFromWindow(), false);
switch (m_inner_type->GetSelection()) {
case 0: // 0=PAP
delete m_cfg.m_inner;
m_cfg.m_inner = new eap::config_pap(m_cfg_pap);
break;
default:
wxFAIL_MSG(wxT("Unsupported inner authentication method type."));
}
return true;
}
void wxEAPTTLSConfig::OnInitDialog(wxInitDialogEvent& event)
{
// Call TransferDataToWindow() manually, as wxScrolledWindow somehow skips that.
TransferDataToWindow();
// Forward the event to child panels.
m_outer_identity->GetEventHandler()->ProcessEvent(event);
m_tls->GetEventHandler()->ProcessEvent(event);
for (wxWindowList::compatibility_iterator inner = m_inner_type->GetChildren().GetFirst(); inner; inner = inner->GetNext())
inner->GetData()->GetEventHandler()->ProcessEvent(event);
}

2
lib/WinStd

Submodule lib/WinStd updated: 7510410b56...5c03df0d74