Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Compare commits

base: Amebis:1.0-alpha7
Branches Tags
Amebis:master Amebis:ver1.0 Amebis:ver1.1
Amebis:1.3g Amebis:1.3f Amebis:1.3e Amebis:1.3d Amebis:1.3c Amebis:1.3b Amebis:1.3a Amebis:1.3 Amebis:1.2g Amebis:1.2f Amebis:1.1h Amebis:1.0i Amebis:1.2e Amebis:1.1g Amebis:1.0h Amebis:1.2d Amebis:1.1f Amebis:1.0g Amebis:1.2c Amebis:1.1e Amebis:1.0f Amebis:1.2b Amebis:1.1d Amebis:1.0e Amebis:1.2a Amebis:1.1c Amebis:1.0d Amebis:1.2 Amebis:1.1b Amebis:1.0c Amebis:1.2-beta2 Amebis:1.2-beta1 Amebis:1.2-beta Amebis:1.1a Amebis:1.0b Amebis:1.1 Amebis:1.1-beta2 Amebis:1.1-beta1 Amebis:1.0a Amebis:1.1-beta Amebis:1.0 Amebis:1.0-beta8 Amebis:1.0-beta7 Amebis:1.0-beta6 Amebis:1.0-beta5 Amebis:1.0-beta4 Amebis:1.0-beta3 Amebis:1.0-beta2 Amebis:1.0-beta1 Amebis:1.0-beta Amebis:1.0-alpha17 Amebis:1.0-alpha16 Amebis:1.0-alpha15 Amebis:1.0-alpha14 Amebis:1.0-alpha13 Amebis:1.0-alpha12 Amebis:1.0-alpha11 Amebis:1.0-alpha10 Amebis:1.0-alpha10-owntls Amebis:1.0-alpha9 Amebis:1.0-alpha8 Amebis:1.0-alpha7 Amebis:1.0-alpha6 Amebis:1.0-alpha5 Amebis:1.0-alpha4 Amebis:1.0-alpha3 Amebis:1.0-alpha2 Amebis:1.0-alpha1 Amebis:1.0-alpha0
..
compare: Amebis:1.0-alpha10-owntls
Branches Tags
Amebis:master Amebis:ver1.0 Amebis:ver1.1
Amebis:1.3g Amebis:1.3f Amebis:1.3e Amebis:1.3d Amebis:1.3c Amebis:1.3b Amebis:1.3a Amebis:1.3 Amebis:1.2g Amebis:1.2f Amebis:1.1h Amebis:1.0i Amebis:1.2e Amebis:1.1g Amebis:1.0h Amebis:1.2d Amebis:1.1f Amebis:1.0g Amebis:1.2c Amebis:1.1e Amebis:1.0f Amebis:1.2b Amebis:1.1d Amebis:1.0e Amebis:1.2a Amebis:1.1c Amebis:1.0d Amebis:1.2 Amebis:1.1b Amebis:1.0c Amebis:1.2-beta2 Amebis:1.2-beta1 Amebis:1.2-beta Amebis:1.1a Amebis:1.0b Amebis:1.1 Amebis:1.1-beta2 Amebis:1.1-beta1 Amebis:1.0a Amebis:1.1-beta Amebis:1.0 Amebis:1.0-beta8 Amebis:1.0-beta7 Amebis:1.0-beta6 Amebis:1.0-beta5 Amebis:1.0-beta4 Amebis:1.0-beta3 Amebis:1.0-beta2 Amebis:1.0-beta1 Amebis:1.0-beta Amebis:1.0-alpha17 Amebis:1.0-alpha16 Amebis:1.0-alpha15 Amebis:1.0-alpha14 Amebis:1.0-alpha13 Amebis:1.0-alpha12 Amebis:1.0-alpha11 Amebis:1.0-alpha10 Amebis:1.0-alpha10-owntls Amebis:1.0-alpha9 Amebis:1.0-alpha8 Amebis:1.0-alpha7 Amebis:1.0-alpha6 Amebis:1.0-alpha5 Amebis:1.0-alpha4 Amebis:1.0-alpha3 Amebis:1.0-alpha2 Amebis:1.0-alpha1 Amebis:1.0-alpha0

25 Commits
1.0-alpha7 ... 1.0-alpha1

Author SHA1 Message Date
Simon Rozman
e4c3f5cbd8 Version set to 1.0-alpha10-owntls 2016-08-23 14:52:26 +02:00
Simon Rozman
1df98af5a1 Event descriptors updated 2016-08-23 14:48:47 +02:00
Simon Rozman
3cbd749966 Sub-module update 2016-08-23 14:46:06 +02:00
Simon Rozman
2125679385 Server certificate name check extended to search for the name in the subjectAltName(2) extension first; only when none present, compares against Common Name 2016-08-23 14:43:07 +02:00
Simon Rozman
fb5d969c2b Support for the wild-char certificate names dropped 2016-08-23 14:42:43 +02:00
Simon Rozman
f39cb94ee5 Server names can be Unicode now 2016-08-23 14:42:11 +02:00
Simon Rozman
59768e8097 Cipher suite list size is now in number of elements, not bytes 2016-08-23 14:41:25 +02:00
Simon Rozman
5720524abe Version set to 1.0-alpha9 2016-08-18 06:33:02 +02:00
Simon Rozman
1f1b9b1084 GUI boots with a predefined configuration on new profiles now 
(closes #10)
 2016-08-18 06:31:16 +02:00
Simon Rozman
076c6b77d7 GUI updated to show "<Your Provider>" when provider ID is blank 2016-08-18 06:30:02 +02:00
Simon Rozman
92460c571f Initial focus changed to the first non-mouse-wheel-capturing control to allow initial scrolling of the configuration dialog using mouse wheel 2016-08-17 16:42:19 +02:00
Simon Rozman
b79a2f26f6 Support for read-only lock added to GUI 2016-08-17 16:27:43 +02:00
Simon Rozman
373c83dbbe Provider identity and help-desk is configurable via GUI now 2016-08-17 15:56:11 +02:00
Simon Rozman
543dada025 Provider and method lists are arrays now, to allow random access for configuration dialog coming-up 2016-08-17 14:47:15 +02:00
Simon Rozman
ce22ec3bfa wxEAPCredentialsPanelPassBase >> wxEAPCredentialsPassPanelBase 2016-08-17 13:48:14 +02:00
Simon Rozman
a04647b7b5 Version set to 1.0-alpha8 2016-08-17 11:51:36 +02:00
Simon Rozman
df1d431bd0 - TLS revised (again) 
- TLS Session resumption issues resolved
- Credential prompt has "Remember" checkbox initially selected when credentials originate from Windows Credential Manager
- Last authentication attempt failure notice is more general and no longer insinuate user credentials are the likely cause of the failure
- Additional log messages added
 2016-08-17 11:50:34 +02:00
Simon Rozman
16527c8124 Client explicitly refuses to accept change cipher spec if no or NULL cipher was proposed now 2016-08-17 09:32:43 +02:00
Simon Rozman
69e6b775f8 Hello requests are no longer included in the handshake hashing (as per RFC) 2016-08-17 09:29:55 +02:00
Simon Rozman
c69316071f Support for encrypted change cipher spec messages added 2016-08-17 09:26:46 +02:00
Simon Rozman
a02d1e7094 Explicit checks on server certificate chain added: 
- Certificate can not be self-signed: Cannot check trust against configured root CAs when server certificate is self-signed
- Server can provide full certificate chain up-to and including root CA. Importing root CA to the store for certificate chain validation would implicitly trust this certificate chain. Thus, we skip all self-signed certificates on import.
 2016-08-17 09:22:38 +02:00
Simon Rozman
078636eb14 make_change_chiper_spec() removed as this message can simply be created using make_message() 2016-08-17 09:09:42 +02:00
Simon Rozman
cabae26e0b Flags describing handshake messages received assembled in a boolean table of flags 2016-08-17 09:01:11 +02:00
Simon Rozman
7376693838 Additional constants 2016-08-17 08:34:25 +02:00
Simon Rozman
a5b3914a09 Comments and some minor clean-up 2016-08-16 22:27:30 +02:00
33 changed files with 7405 additions and 5062 deletions
Expand all files Collapse all files

10
include/Version.h
View File

@@ -29,7 +29,7 @@
// Product version as a single DWORD // Product version as a single DWORD
// Note: Used for version comparison within C/C++ code. // Note: Used for version comparison within C/C++ code.
// //
#define PRODUCT_VERSION 0x00ff0700 #define PRODUCT_VERSION 0x00ff0a00
// //
// Product version by components // Product version by components
@@ -39,26 +39,26 @@
// //
#define PRODUCT_VERSION_MAJ 0 #define PRODUCT_VERSION_MAJ 0
#define PRODUCT_VERSION_MIN 255 #define PRODUCT_VERSION_MIN 255
#define PRODUCT_VERSION_REV 7 #define PRODUCT_VERSION_REV 10
#define PRODUCT_VERSION_BUILD 0 #define PRODUCT_VERSION_BUILD 0
// //
// Human readable product version and build year for UI // Human readable product version and build year for UI
// //
#define PRODUCT_VERSION_STR "1.0-alpha7" #define PRODUCT_VERSION_STR "1.0-alpha10-owntls"
#define PRODUCT_BUILD_YEAR_STR "2016" #define PRODUCT_BUILD_YEAR_STR "2016"
// //
// Numerical version presentation for ProductVersion propery in // Numerical version presentation for ProductVersion propery in
// MSI packages (syntax: N.N[.N[.N]]) // MSI packages (syntax: N.N[.N[.N]])
// //
#define PRODUCT_VERSION_INST "0.255.7" #define PRODUCT_VERSION_INST "0.255.10"
// //
// The product code for ProductCode property in MSI packages // The product code for ProductCode property in MSI packages
// Replace with new on every version change, regardless how minor it is. // Replace with new on every version change, regardless how minor it is.
// //
#define PRODUCT_VERSION_GUID "{54C2BA4B-EFC8-4F3E-A838-28744134A136}" #define PRODUCT_VERSION_GUID "{C3675615-0D70-47C7-9BCB-B683A77C6ED6}"
// //
// Since the product name is not finally confirmed at the time of // Since the product name is not finally confirmed at the time of

7
lib/EAPBase/include/Config.h
View File

@@ -89,7 +89,6 @@ inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ eap::config &val);
#include <eaptypes.h> // Must include after <Windows.h> #include <eaptypes.h> // Must include after <Windows.h>
#include <tchar.h> #include <tchar.h>
#include <list>
#include <string> #include <string>
#include <memory> #include <memory>
@@ -342,7 +341,7 @@ namespace eap
bool m_allow_save; ///< Are credentials allowed to be saved to Windows Credential Manager? bool m_allow_save; ///< Are credentials allowed to be saved to Windows Credential Manager?
bool m_use_preshared; ///< Use pre-shared credentials bool m_use_preshared; ///< Use pre-shared credentials
std::unique_ptr<credentials> m_preshared; ///< Pre-shared credentials std::unique_ptr<credentials> m_preshared; ///< Pre-shared credentials
bool m_cred_failed; ///< Did credential fail last time? bool m_auth_failed; ///< Did credential fail last time?
}; };
@@ -451,7 +450,7 @@ namespace eap
winstd::tstring m_lbl_alt_credential; ///< Alternative label for credential prompt winstd::tstring m_lbl_alt_credential; ///< Alternative label for credential prompt
winstd::tstring m_lbl_alt_identity; ///< Alternative label for identity prompt winstd::tstring m_lbl_alt_identity; ///< Alternative label for identity prompt
winstd::tstring m_lbl_alt_password; ///< Alternative label for password prompt winstd::tstring m_lbl_alt_password; ///< Alternative label for password prompt
std::list<std::unique_ptr<config_method> > m_methods; ///< List of method configurations std::vector<std::unique_ptr<config_method> > m_methods; ///< Array of method configurations
}; };
@@ -551,7 +550,7 @@ namespace eap
/// @} /// @}
public: public:
std::list<eap::config_provider> m_providers; ///< List of provider configurations std::vector<eap::config_provider> m_providers; ///< Array of provider configurations
}; };
} }

32
lib/EAPBase/include/Credentials.h
View File

@@ -54,6 +54,18 @@ namespace eap
{ {
class credentials : public config class credentials : public config
{ {
public:
///
/// Credential source when combined
///
enum source_t {
source_unknown = -1, ///< Unknown source
source_cache = 0, ///< Credentials were obtained from EAPHost cache
source_preshared, ///< Credentials were set by method configuration
source_storage ///< Credentials were loaded from Windows Credential Manager
};
public: public:
/// ///
/// Constructs credentials /// Constructs credentials
@@ -158,26 +170,6 @@ namespace eap
/// Returns credential name (for GUI display). /// Returns credential name (for GUI display).
/// ///
virtual winstd::tstring get_name() const; virtual winstd::tstring get_name() const;
///
/// Combine credentials in the following order:
///
/// 1. Cached credentials
/// 2. Pre-configured credentials
/// 3. Stored credentials
///
/// \param[in] cred_cached Cached credentials (optional, can be \c NULL)
/// \param[in] cfg Method configuration
/// \param[in] pszTargetName The name in Windows Credential Manager to retrieve credentials from (optional, can be \c NULL)
///
/// \returns
/// - \c true if credentials were set;
/// - \c false otherwise
///
virtual bool combine(
_In_ const credentials *cred_cached,
_In_ config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName);
}; };

26
lib/EAPBase/src/Config.cpp
View File

@@ -139,7 +139,7 @@ eap::config_method& eap::config_method::operator=(_Inout_ config_method &&other)
eap::config_method_with_cred::config_method_with_cred(_In_ module &mod) : eap::config_method_with_cred::config_method_with_cred(_In_ module &mod) :
m_allow_save(true), m_allow_save(true),
m_use_preshared(false), m_use_preshared(false),
m_cred_failed(false), m_auth_failed(false),
config_method(mod) config_method(mod)
{ {
} }
@@ -149,7 +149,7 @@ eap::config_method_with_cred::config_method_with_cred(_In_ const config_method_w
m_allow_save(other.m_allow_save), m_allow_save(other.m_allow_save),
m_use_preshared(other.m_use_preshared), m_use_preshared(other.m_use_preshared),
m_preshared(other.m_preshared ? (credentials*)other.m_preshared->clone() : nullptr), m_preshared(other.m_preshared ? (credentials*)other.m_preshared->clone() : nullptr),
m_cred_failed(other.m_cred_failed), m_auth_failed(other.m_auth_failed),
config_method(other) config_method(other)
{ {
} }
@@ -159,7 +159,7 @@ eap::config_method_with_cred::config_method_with_cred(_Inout_ config_method_with
m_allow_save(std::move(other.m_allow_save)), m_allow_save(std::move(other.m_allow_save)),
m_use_preshared(std::move(other.m_use_preshared)), m_use_preshared(std::move(other.m_use_preshared)),
m_preshared(std::move(other.m_preshared)), m_preshared(std::move(other.m_preshared)),
m_cred_failed(std::move(other.m_cred_failed)), m_auth_failed(std::move(other.m_auth_failed)),
config_method(std::move(other)) config_method(std::move(other))
{ {
} }
@@ -172,7 +172,7 @@ eap::config_method_with_cred& eap::config_method_with_cred::operator=(_In_ const
m_allow_save = other.m_allow_save; m_allow_save = other.m_allow_save;
m_use_preshared = other.m_use_preshared; m_use_preshared = other.m_use_preshared;
m_preshared.reset(other.m_preshared ? (credentials*)other.m_preshared->clone() : nullptr); m_preshared.reset(other.m_preshared ? (credentials*)other.m_preshared->clone() : nullptr);
m_cred_failed = other.m_cred_failed; m_auth_failed = other.m_auth_failed;
} }
return *this; return *this;
@@ -186,7 +186,7 @@ eap::config_method_with_cred& eap::config_method_with_cred::operator=(_Inout_ co
m_allow_save = std::move(other.m_allow_save ); m_allow_save = std::move(other.m_allow_save );
m_use_preshared = std::move(other.m_use_preshared); m_use_preshared = std::move(other.m_use_preshared);
m_preshared = std::move(other.m_preshared ); m_preshared = std::move(other.m_preshared );
m_cred_failed = std::move(other.m_cred_failed ); m_auth_failed = std::move(other.m_auth_failed );
} }
return *this; return *this;
@@ -248,7 +248,7 @@ void eap::config_method_with_cred::operator<<(_Inout_ cursor_out &cursor) const
cursor << m_allow_save; cursor << m_allow_save;
cursor << m_use_preshared; cursor << m_use_preshared;
cursor << *m_preshared; cursor << *m_preshared;
cursor << m_cred_failed; cursor << m_auth_failed;
} }
@@ -259,7 +259,7 @@ size_t eap::config_method_with_cred::get_pk_size() const
pksizeof(m_allow_save ) + pksizeof(m_allow_save ) +
pksizeof(m_use_preshared) + pksizeof(m_use_preshared) +
pksizeof(*m_preshared ) + pksizeof(*m_preshared ) +
pksizeof(m_cred_failed ); pksizeof(m_auth_failed );
} }
@@ -269,7 +269,7 @@ void eap::config_method_with_cred::operator>>(_Inout_ cursor_in &cursor)
cursor >> m_allow_save; cursor >> m_allow_save;
cursor >> m_use_preshared; cursor >> m_use_preshared;
cursor >> *m_preshared; cursor >> *m_preshared;
cursor >> m_cred_failed; cursor >> m_auth_failed;
} }
@@ -296,7 +296,8 @@ eap::config_provider::config_provider(_In_ const config_provider &other) :
m_lbl_alt_password(other.m_lbl_alt_password), m_lbl_alt_password(other.m_lbl_alt_password),
config(other) config(other)
{ {
for (list<unique_ptr<config_method> >::const_iterator method = other.m_methods.cbegin(), method_end = other.m_methods.cend(); method != method_end; ++method) m_methods.reserve(other.m_methods.size());
for (vector<unique_ptr<config_method> >::const_iterator method = other.m_methods.cbegin(), method_end = other.m_methods.cend(); method != method_end; ++method)
m_methods.push_back(std::move(unique_ptr<config_method>(*method ? (config_method*)method->get()->clone() : nullptr))); m_methods.push_back(std::move(unique_ptr<config_method>(*method ? (config_method*)method->get()->clone() : nullptr)));
} }
@@ -332,7 +333,8 @@ eap::config_provider& eap::config_provider::operator=(_In_ const config_provider
m_lbl_alt_password = other.m_lbl_alt_password; m_lbl_alt_password = other.m_lbl_alt_password;
m_methods.clear(); m_methods.clear();
for (list<unique_ptr<config_method> >::const_iterator method = other.m_methods.cbegin(), method_end = other.m_methods.cend(); method != method_end; ++method) m_methods.reserve(other.m_methods.size());
for (vector<unique_ptr<config_method> >::const_iterator method = other.m_methods.cbegin(), method_end = other.m_methods.cend(); method != method_end; ++method)
m_methods.push_back(std::move(unique_ptr<config_method>(*method ? (config_method*)method->get()->clone() : nullptr))); m_methods.push_back(std::move(unique_ptr<config_method>(*method ? (config_method*)method->get()->clone() : nullptr)));
} }
@@ -432,7 +434,7 @@ void eap::config_provider::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pC
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:AuthenticationMethods"), bstr(L"AuthenticationMethods"), bstrNamespace, &pXmlElAuthenticationMethods))) if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:AuthenticationMethods"), bstr(L"AuthenticationMethods"), bstrNamespace, &pXmlElAuthenticationMethods)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <AuthenticationMethods> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <AuthenticationMethods> element.");
for (list<unique_ptr<config_method> >::const_iterator method = m_methods.cbegin(), method_end = m_methods.cend(); method != method_end; ++method) { for (vector<unique_ptr<config_method> >::const_iterator method = m_methods.cbegin(), method_end = m_methods.cend(); method != method_end; ++method) {
// <AuthenticationMethod> // <AuthenticationMethod>
com_obj<IXMLDOMElement> pXmlElAuthenticationMethod; com_obj<IXMLDOMElement> pXmlElAuthenticationMethod;
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"AuthenticationMethod"), bstrNamespace, &pXmlElAuthenticationMethod))) if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"AuthenticationMethod"), bstrNamespace, &pXmlElAuthenticationMethod)))
@@ -669,7 +671,7 @@ void eap::config_provider_list::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNod
if (FAILED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:EAPIdentityProviderList"), &pXmlElIdentityProviderList))) if (FAILED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:EAPIdentityProviderList"), &pXmlElIdentityProviderList)))
throw com_runtime_error(hr, __FUNCTION__ " Error selecting <EAPIdentityProviderList> element."); throw com_runtime_error(hr, __FUNCTION__ " Error selecting <EAPIdentityProviderList> element.");
for (list<config_provider>::const_iterator provider = m_providers.cbegin(), provider_end = m_providers.cend(); provider != provider_end; ++provider) { for (vector<config_provider>::const_iterator provider = m_providers.cbegin(), provider_end = m_providers.cend(); provider != provider_end; ++provider) {
// <EAPIdentityProvider> // <EAPIdentityProvider>
com_obj<IXMLDOMElement> pXmlElIdentityProvider; com_obj<IXMLDOMElement> pXmlElIdentityProvider;
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"EAPIdentityProvider"), bstrNamespace, &pXmlElIdentityProvider))) if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"EAPIdentityProvider"), bstrNamespace, &pXmlElIdentityProvider)))

13
lib/EAPBase/src/Credentials.cpp
View File

@@ -83,19 +83,6 @@ tstring eap::credentials::get_name() const
} }
bool eap::credentials::combine(
_In_ const credentials *cred_cached,
_In_ config_method_with_cred &cfg,
_In_opt_z_ LPCTSTR pszTargetName)
{
UNREFERENCED_PARAMETER(cred_cached);
UNREFERENCED_PARAMETER(cfg);
UNREFERENCED_PARAMETER(pszTargetName);
// When there's nothing to combine...
return true;
}
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// eap::credentials_pass // eap::credentials_pass
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////

229
lib/EAPBase_UI/include/EAP_UI.h
View File

@@ -20,6 +20,7 @@
#include <wx/hyperlink.h> #include <wx/hyperlink.h>
#include <wx/icon.h> #include <wx/icon.h>
#include <wx/scrolwin.h>
#include <wx/statbmp.h> #include <wx/statbmp.h>
#include <Windows.h> #include <Windows.h>
@@ -34,18 +35,21 @@ class wxEAPBannerPanel;
/// ///
template <class _wxT> class wxEAPConfigDialog; template <class _wxT> class wxEAPConfigDialog;
///
/// EAP general-use dialog
///
class wxEAPGeneralDialog;
/// ///
/// EAP top-most credential dialog /// EAP top-most credential dialog
/// ///
class wxEAPCredentialsDialog; class wxEAPCredentialsDialog;
/// ///
/// EAP general note /// EAP general note
/// ///
class wxEAPNotePanel; class wxEAPNotePanel;
/// ///
/// EAP provider-locked congifuration note /// EAP provider-locked congifuration note
/// ///
@@ -56,6 +60,21 @@ class wxEAPProviderLockedPanel;
/// ///
class wxEAPCredentialWarningPanel; class wxEAPCredentialWarningPanel;
///
/// EAP Configuration window
///
class wxEAPConfigWindow;
///
/// EAP provider identity config panel
///
class wxEAPProviderIdentityPanel;
///
/// EAP provider configuration dialog
///
class wxEAPConfigProvider;
/// ///
/// Base template for credential configuration panel /// Base template for credential configuration panel
/// ///
@@ -76,6 +95,11 @@ template <class _Tcred, class _Tbase> class wxPasswordCredentialsPanel;
/// ///
inline bool wxSetIconFromResource(wxStaticBitmap *bmp, wxIcon &icon, HINSTANCE hinst, PCWSTR pszName); inline bool wxSetIconFromResource(wxStaticBitmap *bmp, wxIcon &icon, HINSTANCE hinst, PCWSTR pszName);
///
/// Returns GUI displayable provider name
///
inline wxString wxEAPGetProviderName(const std::wstring &id);
#pragma once #pragma once
#include <wx/msw/winundef.h> // Fixes `CreateDialog` name collision #include <wx/msw/winundef.h> // Fixes `CreateDialog` name collision
@@ -128,10 +152,10 @@ public:
// Set extra style here, as wxFormBuilder overrides all default flags. // Set extra style here, as wxFormBuilder overrides all default flags.
this->SetExtraStyle(this->GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY); this->SetExtraStyle(this->GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY);
for (std::list<eap::config_provider>::iterator provider = m_cfg.m_providers.begin(), provider_end = m_cfg.m_providers.end(); provider != provider_end; ++provider) { for (std::vector<eap::config_provider>::iterator provider = m_cfg.m_providers.begin(), provider_end = m_cfg.m_providers.end(); provider != provider_end; ++provider) {
bool is_single = provider->m_methods.size() == 1; bool is_single = provider->m_methods.size() == 1;
std::list<std::unique_ptr<eap::config_method> >::size_type count = 0; std::vector<std::unique_ptr<eap::config_method> >::size_type count = 0;
std::list<std::unique_ptr<eap::config_method> >::iterator method = provider->m_methods.begin(), method_end = provider->m_methods.end(); std::vector<std::unique_ptr<eap::config_method> >::iterator method = provider->m_methods.begin(), method_end = provider->m_methods.end();
for (; method != method_end; ++method, count++) for (; method != method_end; ++method, count++)
m_providers->AddPage( m_providers->AddPage(
new _wxT( new _wxT(
@@ -139,7 +163,9 @@ public:
*method->get(), *method->get(),
provider->m_id.c_str(), provider->m_id.c_str(),
m_providers), m_providers),
is_single ? provider->m_id : winstd::tstring_printf(_T("%s (%u)"), provider->m_id.c_str(), count)); is_single ?
wxEAPGetProviderName(provider->m_id) :
winstd::tstring_printf(_T("%s (%u)"), wxEAPGetProviderName(provider->m_id), count));
} }
this->Layout(); this->Layout();
@@ -151,6 +177,7 @@ public:
protected: protected:
/// \cond internal /// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event) virtual void OnInitDialog(wxInitDialogEvent& event)
{ {
// Forward the event to child panels. // Forward the event to child panels.
@@ -160,6 +187,22 @@ protected:
prov->GetEventHandler()->ProcessEvent(event); prov->GetEventHandler()->ProcessEvent(event);
} }
} }
virtual void OnUpdateUI(wxUpdateUIEvent& event)
{
UNREFERENCED_PARAMETER(event);
m_advanced->Enable(!m_cfg.m_providers.at(m_providers->GetSelection()).m_read_only);
}
virtual void OnAdvanced(wxCommandEvent& event)
{
UNREFERENCED_PARAMETER(event);
wxEAPConfigProvider dlg(m_cfg.m_providers.at(m_providers->GetSelection()), this);
dlg.ShowModal();
}
/// \endcond /// \endcond
@@ -168,23 +211,38 @@ protected:
}; };
class wxEAPCredentialsDialog : public wxEAPCredentialsDialogBase class wxEAPGeneralDialog : public wxEAPGeneralDialogBase
{
public:
///
/// Constructs a dialog
///
wxEAPGeneralDialog(wxWindow* parent, const wxString& title = wxEmptyString);
///
/// Adds panels to the dialog
///
void AddContent(wxPanel **contents, size_t content_count);
///
/// Adds single panel to the dialog
///
void AddContent(wxPanel *content);
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
/// \endcond
};
class wxEAPCredentialsDialog : public wxEAPGeneralDialog
{ {
public: public:
/// ///
/// Constructs a credential dialog /// Constructs a credential dialog
/// ///
wxEAPCredentialsDialog(const eap::config_provider &prov, wxWindow* parent); wxEAPCredentialsDialog(const eap::config_provider &prov, wxWindow* parent);
///
/// Adds panels to the dialog
///
void AddContents(wxPanel **contents, size_t content_count);
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
/// \endcond
}; };
@@ -265,6 +323,103 @@ protected:
}; };
class wxEAPConfigWindow : public wxScrolledWindow
{
public:
///
/// Constructs a configuration window
///
/// \param[in] prov Provider configuration data
/// \param[inout] cfg Configuration data
/// \param[in] parent Parent window
///
wxEAPConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent);
///
/// Destructs the configuration window
///
virtual ~wxEAPConfigWindow();
protected:
/// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event);
virtual void OnUpdateUI(wxUpdateUIEvent& event);
/// \endcond
protected:
const eap::config_provider &m_prov; ///< EAP provider
eap::config_method &m_cfg; ///< Method configuration
};
class wxEAPProviderIdentityPanel : public wxEAPProviderIdentityPanelBase
{
public:
///
/// Constructs a provider identity pannel
///
/// \param[inout] prov Provider configuration data
/// \param[in] parent Parent window
///
wxEAPProviderIdentityPanel(eap::config_provider &prov, wxWindow* parent);
friend class wxEAPConfigProvider; // Allows direct setting of keyboard focus
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
/// \endcond
protected:
eap::config_provider &m_prov; ///< EAP method configuration
winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon
};
class wxEAPProviderLockPanel : public wxEAPProviderLockPanelBase
{
public:
///
/// Constructs a provider lock pannel
///
/// \param[inout] prov Provider configuration data
/// \param[in] parent Parent window
///
wxEAPProviderLockPanel(eap::config_provider &prov, wxWindow* parent);
protected:
/// \cond internal
virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow();
/// \endcond
protected:
eap::config_provider &m_prov; ///< EAP method configuration
winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon
};
class wxEAPConfigProvider : public wxEAPGeneralDialog
{
public:
///
/// Constructs a provider config dialog
///
/// \param[inout] prov Provider configuration data
/// \param[in] parent Parent window
///
wxEAPConfigProvider(eap::config_provider &prov, wxWindow* parent);
protected:
eap::config_provider &m_prov; ///< EAP method configuration
wxEAPProviderIdentityPanel *m_identity; ///< Provider identity panel
wxEAPProviderLockPanel *m_lock; ///< Provider lock panel
};
template <class _Tcred, class _wxT> template <class _Tcred, class _wxT>
class wxEAPCredentialsConfigPanel : public wxEAPCredentialsConfigPanelBase class wxEAPCredentialsConfigPanel : public wxEAPCredentialsConfigPanelBase
{ {
@@ -289,6 +444,14 @@ public:
wxSetIconFromResource(m_credentials_icon, m_icon, m_shell32, MAKEINTRESOURCE(/*16770*/269)); wxSetIconFromResource(m_credentials_icon, m_icon, m_shell32, MAKEINTRESOURCE(/*16770*/269));
} }
///
/// Sets keyboard focus to the first control that do not capture mouse wheel
///
inline void SetFocusFromKbd()
{
m_own->SetFocusFromKbd();
}
protected: protected:
/// \cond internal /// \cond internal
@@ -402,7 +565,7 @@ protected:
// Display credential prompt. // Display credential prompt.
wxEAPCredentialsDialog dlg(m_prov, this); wxEAPCredentialsDialog dlg(m_prov, this);
_wxT *panel = new _wxT(m_prov, m_cfg, cred, m_target.c_str(), &dlg, true); _wxT *panel = new _wxT(m_prov, m_cfg, cred, m_target.c_str(), &dlg, true);
dlg.AddContents((wxPanel**)&panel, 1); dlg.AddContent(panel);
if (dlg.ShowModal() == wxID_OK && panel->GetRememberValue()) { if (dlg.ShowModal() == wxID_OK && panel->GetRememberValue()) {
// Write credentials to credential manager. // Write credentials to credential manager.
try { try {
@@ -433,21 +596,21 @@ protected:
_wxT *panel = new _wxT(m_prov, m_cfg, m_cred, _T(""), &dlg, true); _wxT *panel = new _wxT(m_prov, m_cfg, m_cred, _T(""), &dlg, true);
dlg.AddContents((wxPanel**)&panel, 1); dlg.AddContent(panel);
dlg.ShowModal(); dlg.ShowModal();
} }
/// \endcond /// \endcond
protected: protected:
const eap::config_provider &m_prov; ///< EAP provider const eap::config_provider &m_prov; ///< EAP provider
eap::config_method_with_cred &m_cfg; ///< EAP method configuration eap::config_method_with_cred &m_cfg; ///< EAP method configuration
winstd::library m_shell32; ///< shell32.dll resource library reference winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon wxIcon m_icon; ///< Panel icon
winstd::tstring m_target; ///< Credential Manager target winstd::tstring m_target; ///< Credential Manager target
private: private:
_Tcred m_cred; ///< Temporary credential data _Tcred m_cred; ///< Temporary credential data
}; };
@@ -486,6 +649,11 @@ public:
this->Disconnect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(_Tthis::OnUpdateUI)); this->Disconnect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(_Tthis::OnUpdateUI));
} }
inline void SetRememberValue(bool val)
{
return m_remember->SetValue(val);
}
inline bool GetRememberValue() const inline bool GetRememberValue() const
{ {
return m_remember->GetValue(); return m_remember->GetValue();
@@ -576,12 +744,12 @@ protected:
m_identity->SetSelection(0, -1); m_identity->SetSelection(0, -1);
m_password->SetValue(m_cred.m_password.empty() ? wxEmptyString : s_dummy_password); m_password->SetValue(m_cred.m_password.empty() ? wxEmptyString : s_dummy_password);
return wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPanelPassBase>::TransferDataToWindow(); return wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPassPanelBase>::TransferDataToWindow();
} }
virtual bool TransferDataFromWindow() virtual bool TransferDataFromWindow()
{ {
if (!wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPanelPassBase>::TransferDataFromWindow()) if (!wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPassPanelBase>::TransferDataFromWindow())
return false; return false;
m_cred.m_identity = m_identity->GetValue(); m_cred.m_identity = m_identity->GetValue();
@@ -604,7 +772,7 @@ protected:
m_password ->Enable(false); m_password ->Enable(false);
} }
wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPanelPassBase>::OnUpdateUI(event); wxEAPCredentialsPanelBase<_Tcred, wxEAPCredentialsPassPanelBase>::OnUpdateUI(event);
} }
/// \endcond /// \endcond
@@ -633,3 +801,10 @@ inline bool wxSetIconFromResource(wxStaticBitmap *bmp, wxIcon &icon, HINSTANCE h
} else } else
return false; return false;
} }
inline wxString wxEAPGetProviderName(const std::wstring &id)
{
return
!id.empty() ? id : _("<Your Organization>");
}

207
lib/EAPBase_UI/res/wxEAP_UI.cpp
View File

@@ -28,6 +28,20 @@ wxEAPConfigDialogBase::wxEAPConfigDialogBase( wxWindow* parent, wxWindowID id, c
sb_content->Add( m_providers, 1, wxEXPAND|wxALL, 10 ); sb_content->Add( m_providers, 1, wxEXPAND|wxALL, 10 );
wxBoxSizer* sb_bottom_horiz;
sb_bottom_horiz = new wxBoxSizer( wxHORIZONTAL );
wxBoxSizer* sb_bottom_horiz_inner;
sb_bottom_horiz_inner = new wxBoxSizer( wxHORIZONTAL );
m_advanced = new wxButton( this, wxID_ANY, _("Advanced..."), wxDefaultPosition, wxDefaultSize, 0 );
m_advanced->SetToolTip( _("Opens dialog with provider settings") );
sb_bottom_horiz_inner->Add( m_advanced, 0, wxALL, 5 );
sb_bottom_horiz->Add( sb_bottom_horiz_inner, 1, wxEXPAND, 5 );
m_buttons = new wxStdDialogButtonSizer(); m_buttons = new wxStdDialogButtonSizer();
m_buttonsOK = new wxButton( this, wxID_OK ); m_buttonsOK = new wxButton( this, wxID_OK );
m_buttons->AddButton( m_buttonsOK ); m_buttons->AddButton( m_buttonsOK );
@@ -35,7 +49,10 @@ wxEAPConfigDialogBase::wxEAPConfigDialogBase( wxWindow* parent, wxWindowID id, c
m_buttons->AddButton( m_buttonsCancel ); m_buttons->AddButton( m_buttonsCancel );
m_buttons->Realize(); m_buttons->Realize();
sb_content->Add( m_buttons, 0, wxEXPAND|wxALL, 5 ); sb_bottom_horiz->Add( m_buttons, 0, wxEXPAND|wxALL, 5 );
sb_content->Add( sb_bottom_horiz, 0, wxEXPAND, 5 );
this->SetSizer( sb_content ); this->SetSizer( sb_content );
@@ -44,16 +61,20 @@ wxEAPConfigDialogBase::wxEAPConfigDialogBase( wxWindow* parent, wxWindowID id, c
// Connect Events // Connect Events
this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPConfigDialogBase::OnInitDialog ) ); this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPConfigDialogBase::OnInitDialog ) );
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPConfigDialogBase::OnUpdateUI ) );
m_advanced->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnAdvanced ), NULL, this );
} }
wxEAPConfigDialogBase::~wxEAPConfigDialogBase() wxEAPConfigDialogBase::~wxEAPConfigDialogBase()
{ {
// Disconnect Events // Disconnect Events
this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPConfigDialogBase::OnInitDialog ) ); this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPConfigDialogBase::OnInitDialog ) );
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPConfigDialogBase::OnUpdateUI ) );
m_advanced->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPConfigDialogBase::OnAdvanced ), NULL, this );
} }
wxEAPCredentialsDialogBase::wxEAPCredentialsDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) wxEAPGeneralDialogBase::wxEAPGeneralDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style )
{ {
this->SetSizeHints( wxDefaultSize, wxDefaultSize ); this->SetSizeHints( wxDefaultSize, wxDefaultSize );
@@ -84,13 +105,13 @@ wxEAPCredentialsDialogBase::wxEAPCredentialsDialogBase( wxWindow* parent, wxWind
sb_content->Fit( this ); sb_content->Fit( this );
// Connect Events // Connect Events
this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPCredentialsDialogBase::OnInitDialog ) ); this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPGeneralDialogBase::OnInitDialog ) );
} }
wxEAPCredentialsDialogBase::~wxEAPCredentialsDialogBase() wxEAPGeneralDialogBase::~wxEAPGeneralDialogBase()
{ {
// Disconnect Events // Disconnect Events
this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPCredentialsDialogBase::OnInitDialog ) ); this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( wxEAPGeneralDialogBase::OnInitDialog ) );
} }
@@ -99,20 +120,20 @@ wxEAPBannerPanelBase::wxEAPBannerPanelBase( wxWindow* parent, wxWindowID id, con
this->SetBackgroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_HIGHLIGHT ) ); this->SetBackgroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_HIGHLIGHT ) );
this->SetMinSize( wxSize( -1,48 ) ); this->SetMinSize( wxSize( -1,48 ) );
wxBoxSizer* sc_content; wxBoxSizer* sb_content;
sc_content = new wxBoxSizer( wxVERTICAL ); sb_content = new wxBoxSizer( wxVERTICAL );
m_title = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT ); m_title = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT );
m_title->Wrap( -1 ); m_title->Wrap( -1 );
m_title->SetFont( wxFont( 18, 70, 90, 90, false, wxEmptyString ) ); m_title->SetFont( wxFont( 18, 70, 90, 90, false, wxEmptyString ) );
m_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_HIGHLIGHTTEXT ) ); m_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_HIGHLIGHTTEXT ) );
sc_content->Add( m_title, 0, wxALL|wxEXPAND, 5 ); sb_content->Add( m_title, 0, wxALL|wxEXPAND, 5 );
this->SetSizer( sc_content ); this->SetSizer( sb_content );
this->Layout(); this->Layout();
sc_content->Fit( this ); sb_content->Fit( this );
} }
wxEAPBannerPanelBase::~wxEAPBannerPanelBase() wxEAPBannerPanelBase::~wxEAPBannerPanelBase()
@@ -269,7 +290,7 @@ wxEAPCredentialsConfigPanelBase::~wxEAPCredentialsConfigPanelBase()
} }
wxEAPCredentialsPanelPassBase::wxEAPCredentialsPanelPassBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) wxEAPCredentialsPassPanelBase::wxEAPCredentialsPassPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{ {
wxStaticBoxSizer* sb_credentials; wxStaticBoxSizer* sb_credentials;
sb_credentials = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Client Credentials") ), wxVERTICAL ); sb_credentials = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Client Credentials") ), wxVERTICAL );
@@ -330,6 +351,168 @@ wxEAPCredentialsPanelPassBase::wxEAPCredentialsPanelPassBase( wxWindow* parent,
this->Layout(); this->Layout();
} }
wxEAPCredentialsPanelPassBase::~wxEAPCredentialsPanelPassBase() wxEAPCredentialsPassPanelBase::~wxEAPCredentialsPassPanelBase()
{ {
} }
wxEAPProviderIdentityPanelBase::wxEAPProviderIdentityPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{
wxStaticBoxSizer* sb_provider_id;
sb_provider_id = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Your Organization") ), wxVERTICAL );
wxBoxSizer* sb_provider_id_horiz;
sb_provider_id_horiz = new wxBoxSizer( wxHORIZONTAL );
m_provider_id_icon = new wxStaticBitmap( sb_provider_id->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 );
sb_provider_id_horiz->Add( m_provider_id_icon, 0, wxALL, 5 );
wxBoxSizer* sb_provider_id_vert;
sb_provider_id_vert = new wxBoxSizer( wxVERTICAL );
m_provider_id_label = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("Describe your organization to customize user prompts. When organization is introduced, end-users find program messages easier to understand and act."), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_id_label->Wrap( 446 );
sb_provider_id_vert->Add( m_provider_id_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_provider_name;
sb_provider_name = new wxBoxSizer( wxVERTICAL );
m_provider_name_label = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("Your organization &name:"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name_label->Wrap( -1 );
sb_provider_name->Add( m_provider_name_label, 0, wxBOTTOM, 5 );
m_provider_name = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name->SetToolTip( _("Your organization name as it will appear on helpdesk contact notifications") );
sb_provider_name->Add( m_provider_name, 0, wxEXPAND|wxBOTTOM, 5 );
m_provider_name_note = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("(Keep it short, please)"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_name_note->Wrap( -1 );
sb_provider_name->Add( m_provider_name_note, 0, wxALIGN_RIGHT, 5 );
sb_provider_id_vert->Add( sb_provider_name, 0, wxEXPAND|wxALL, 5 );
wxBoxSizer* sb_provider_helpdesk;
sb_provider_helpdesk = new wxBoxSizer( wxVERTICAL );
m_provider_helpdesk_label = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("Helpdesk contact &information:"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_helpdesk_label->Wrap( -1 );
sb_provider_helpdesk->Add( m_provider_helpdesk_label, 0, wxBOTTOM, 5 );
wxFlexGridSizer* sb_provider_helpdesk_inner;
sb_provider_helpdesk_inner = new wxFlexGridSizer( 0, 2, 0, 0 );
sb_provider_helpdesk_inner->AddGrowableCol( 1 );
sb_provider_helpdesk_inner->SetFlexibleDirection( wxBOTH );
sb_provider_helpdesk_inner->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED );
m_provider_web_icon = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _(""), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_web_icon->Wrap( -1 );
m_provider_web_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_web_icon, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT, 5 );
m_provider_web = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_web->SetToolTip( _("Your helpdesk website") );
sb_provider_helpdesk_inner->Add( m_provider_web, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxBOTTOM, 5 );
m_provider_email_icon = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _("*"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_email_icon->Wrap( -1 );
m_provider_email_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_email_icon, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT, 5 );
m_provider_email = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_email->SetToolTip( _("Your helpdesk e-mail address") );
sb_provider_helpdesk_inner->Add( m_provider_email, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxBOTTOM, 5 );
m_provider_phone_icon = new wxStaticText( sb_provider_id->GetStaticBox(), wxID_ANY, _(")"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_phone_icon->Wrap( -1 );
m_provider_phone_icon->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Wingdings") ) );
sb_provider_helpdesk_inner->Add( m_provider_phone_icon, 0, wxALIGN_CENTER_VERTICAL|wxRIGHT, 5 );
m_provider_phone = new wxTextCtrl( sb_provider_id->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_provider_phone->SetToolTip( _("Your helpdesk phone number") );
sb_provider_helpdesk_inner->Add( m_provider_phone, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 );
sb_provider_helpdesk->Add( sb_provider_helpdesk_inner, 1, wxEXPAND, 5 );
sb_provider_id_vert->Add( sb_provider_helpdesk, 1, wxEXPAND, 5 );
sb_provider_id_horiz->Add( sb_provider_id_vert, 1, wxEXPAND, 5 );
sb_provider_id->Add( sb_provider_id_horiz, 1, wxEXPAND, 5 );
this->SetSizer( sb_provider_id );
this->Layout();
// Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPProviderIdentityPanelBase::OnUpdateUI ) );
}
wxEAPProviderIdentityPanelBase::~wxEAPProviderIdentityPanelBase()
{
// Disconnect Events
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPProviderIdentityPanelBase::OnUpdateUI ) );
}
wxEAPProviderLockPanelBase::wxEAPProviderLockPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{
wxStaticBoxSizer* sb_provider_lock;
sb_provider_lock = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Configuration Lock") ), wxVERTICAL );
wxBoxSizer* sb_provider_lock_horiz;
sb_provider_lock_horiz = new wxBoxSizer( wxHORIZONTAL );
m_provider_lock_icon = new wxStaticBitmap( sb_provider_lock->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 );
sb_provider_lock_horiz->Add( m_provider_lock_icon, 0, wxALL, 5 );
wxBoxSizer* sb_provider_lock_vert;
sb_provider_lock_vert = new wxBoxSizer( wxVERTICAL );
m_provider_lock_label = new wxStaticText( sb_provider_lock->GetStaticBox(), wxID_ANY, _("Your configuration can be locked to prevent accidental modification by end-users. Users will only be allowed to enter credentials."), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_lock_label->Wrap( 446 );
sb_provider_lock_vert->Add( m_provider_lock_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_provider_name;
sb_provider_name = new wxBoxSizer( wxVERTICAL );
m_provider_lock = new wxCheckBox( sb_provider_lock->GetStaticBox(), wxID_ANY, _("&Lock this configuration and prevent any further modification via user interface."), wxDefaultPosition, wxDefaultSize, 0 );
sb_provider_name->Add( m_provider_lock, 0, wxEXPAND|wxBOTTOM, 5 );
m_provider_lock_note = new wxStaticText( sb_provider_lock->GetStaticBox(), wxID_ANY, _("(Warning: Once locked, you can not revert using this dialog!)"), wxDefaultPosition, wxDefaultSize, 0 );
m_provider_lock_note->Wrap( -1 );
sb_provider_name->Add( m_provider_lock_note, 0, wxALIGN_RIGHT, 5 );
sb_provider_lock_vert->Add( sb_provider_name, 0, wxEXPAND|wxALL, 5 );
sb_provider_lock_horiz->Add( sb_provider_lock_vert, 1, wxEXPAND, 5 );
sb_provider_lock->Add( sb_provider_lock_horiz, 1, wxEXPAND, 5 );
this->SetSizer( sb_provider_lock );
this->Layout();
// Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPProviderLockPanelBase::OnUpdateUI ) );
}
wxEAPProviderLockPanelBase::~wxEAPProviderLockPanelBase()
{
// Disconnect Events
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPProviderLockPanelBase::OnUpdateUI ) );
}

1740
lib/EAPBase_UI/res/wxEAP_UI.fbp
View File

File diff suppressed because it is too large Load Diff

77
lib/EAPBase_UI/res/wxEAP_UI.h
View File

@@ -18,8 +18,8 @@ class wxEAPBannerPanel;
#include <wx/settings.h> #include <wx/settings.h>
#include <wx/string.h> #include <wx/string.h>
#include <wx/notebook.h> #include <wx/notebook.h>
#include <wx/sizer.h>
#include <wx/button.h> #include <wx/button.h>
#include <wx/sizer.h>
#include <wx/dialog.h> #include <wx/dialog.h>
#include <wx/stattext.h> #include <wx/stattext.h>
#include <wx/panel.h> #include <wx/panel.h>
@@ -44,12 +44,15 @@ class wxEAPConfigDialogBase : public wxDialog
protected: protected:
wxEAPBannerPanel *m_banner; wxEAPBannerPanel *m_banner;
wxNotebook* m_providers; wxNotebook* m_providers;
wxButton* m_advanced;
wxStdDialogButtonSizer* m_buttons; wxStdDialogButtonSizer* m_buttons;
wxButton* m_buttonsOK; wxButton* m_buttonsOK;
wxButton* m_buttonsCancel; wxButton* m_buttonsCancel;
// Virtual event handlers, overide them in your derived class // Virtual event handlers, overide them in your derived class
virtual void OnInitDialog( wxInitDialogEvent& event ) { event.Skip(); } virtual void OnInitDialog( wxInitDialogEvent& event ) { event.Skip(); }
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
virtual void OnAdvanced( wxCommandEvent& event ) { event.Skip(); }
public: public:
@@ -60,9 +63,9 @@ class wxEAPConfigDialogBase : public wxDialog
}; };
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPCredentialsDialogBase /// Class wxEAPGeneralDialogBase
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
class wxEAPCredentialsDialogBase : public wxDialog class wxEAPGeneralDialogBase : public wxDialog
{ {
private: private:
@@ -79,8 +82,8 @@ class wxEAPCredentialsDialogBase : public wxDialog
public: public:
wxEAPCredentialsDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("EAP Credentials"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); wxEAPGeneralDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE );
~wxEAPCredentialsDialogBase(); ~wxEAPGeneralDialogBase();
}; };
@@ -153,9 +156,9 @@ class wxEAPCredentialsConfigPanelBase : public wxPanel
}; };
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPCredentialsPanelPassBase /// Class wxEAPCredentialsPassPanelBase
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
class wxEAPCredentialsPanelPassBase : public wxPanel class wxEAPCredentialsPassPanelBase : public wxPanel
{ {
private: private:
@@ -170,8 +173,64 @@ class wxEAPCredentialsPanelPassBase : public wxPanel
public: public:
wxEAPCredentialsPanelPassBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( 500,-1 ), long style = wxTAB_TRAVERSAL ); wxEAPCredentialsPassPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( 500,-1 ), long style = wxTAB_TRAVERSAL );
~wxEAPCredentialsPanelPassBase(); ~wxEAPCredentialsPassPanelBase();
};
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPProviderIdentityPanelBase
///////////////////////////////////////////////////////////////////////////////
class wxEAPProviderIdentityPanelBase : public wxPanel
{
private:
protected:
wxStaticBitmap* m_provider_id_icon;
wxStaticText* m_provider_id_label;
wxStaticText* m_provider_name_label;
wxTextCtrl* m_provider_name;
wxStaticText* m_provider_name_note;
wxStaticText* m_provider_helpdesk_label;
wxStaticText* m_provider_web_icon;
wxTextCtrl* m_provider_web;
wxStaticText* m_provider_email_icon;
wxTextCtrl* m_provider_email;
wxStaticText* m_provider_phone_icon;
wxTextCtrl* m_provider_phone;
// Virtual event handlers, overide them in your derived class
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
public:
wxEAPProviderIdentityPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( 500,-1 ), long style = wxTAB_TRAVERSAL );
~wxEAPProviderIdentityPanelBase();
};
///////////////////////////////////////////////////////////////////////////////
/// Class wxEAPProviderLockPanelBase
///////////////////////////////////////////////////////////////////////////////
class wxEAPProviderLockPanelBase : public wxPanel
{
private:
protected:
wxStaticBitmap* m_provider_lock_icon;
wxStaticText* m_provider_lock_label;
wxCheckBox* m_provider_lock;
wxStaticText* m_provider_lock_note;
// Virtual event handlers, overide them in your derived class
virtual void OnUpdateUI( wxUpdateUIEvent& event ) { event.Skip(); }
public:
wxEAPProviderLockPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( 500,-1 ), long style = wxTAB_TRAVERSAL );
~wxEAPProviderLockPanelBase();
}; };

170
lib/EAPBase_UI/src/EAP_UI.cpp
View File

@@ -38,22 +38,19 @@ bool wxEAPBannerPanel::AcceptsFocusFromKeyboard() const
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// wxEAPCredentialsDialog // wxEAPGeneralDialog
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
wxEAPCredentialsDialog::wxEAPCredentialsDialog(const eap::config_provider &prov, wxWindow* parent) : wxEAPCredentialsDialogBase(parent) wxEAPGeneralDialog::wxEAPGeneralDialog(wxWindow* parent, const wxString& title) : wxEAPGeneralDialogBase(parent, wxID_ANY, title)
{ {
// Set extra style here, as wxFormBuilder overrides all default flags. // Set extra style here, as wxFormBuilder overrides all default flags.
this->SetExtraStyle(this->GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY); this->SetExtraStyle(this->GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY);
// Set banner title.
m_banner->m_title->SetLabel(wxString::Format(_("%s Credentials"), prov.m_id.c_str()));
m_buttonsOK->SetDefault(); m_buttonsOK->SetDefault();
} }
void wxEAPCredentialsDialog::AddContents(wxPanel **contents, size_t content_count) void wxEAPGeneralDialog::AddContent(wxPanel **contents, size_t content_count)
{ {
if (content_count) { if (content_count) {
for (size_t i = 0; i < content_count; i++) for (size_t i = 0; i < content_count; i++)
@@ -66,13 +63,30 @@ void wxEAPCredentialsDialog::AddContents(wxPanel **contents, size_t content_coun
} }
void wxEAPCredentialsDialog::OnInitDialog(wxInitDialogEvent& event) void wxEAPGeneralDialog::AddContent(wxPanel *content)
{
AddContent(&content, 1);
}
void wxEAPGeneralDialog::OnInitDialog(wxInitDialogEvent& event)
{ {
for (wxSizerItemList::compatibility_iterator panel = m_panels->GetChildren().GetFirst(); panel; panel = panel->GetNext()) for (wxSizerItemList::compatibility_iterator panel = m_panels->GetChildren().GetFirst(); panel; panel = panel->GetNext())
panel->GetData()->GetWindow()->GetEventHandler()->ProcessEvent(event); panel->GetData()->GetWindow()->GetEventHandler()->ProcessEvent(event);
} }
//////////////////////////////////////////////////////////////////////
// wxEAPCredentialsDialog
//////////////////////////////////////////////////////////////////////
wxEAPCredentialsDialog::wxEAPCredentialsDialog(const eap::config_provider &prov, wxWindow* parent) : wxEAPGeneralDialog(parent, _("EAP Credentials"))
{
// Set banner title.
m_banner->m_title->SetLabel(wxString::Format(_("%s Credentials"), wxEAPGetProviderName(prov.m_id).c_str()));
}
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// wxEAPNotePanel // wxEAPNotePanel
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
@@ -182,10 +196,150 @@ wxEAPCredentialWarningPanel::wxEAPCredentialWarningPanel(const eap::config_provi
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_note_icon, m_icon, m_shell32, MAKEINTRESOURCE(161)); wxSetIconFromResource(m_note_icon, m_icon, m_shell32, MAKEINTRESOURCE(161));
m_note_label->SetLabel(_("Previous attempt to connect using provided credentials failed. Please, make sure your credentials are correct, or try again later.")); m_note_label->SetLabel(_("Previous attempt to connect failed. Please, make sure your credentials are correct, or try again later."));
m_note_label->Wrap(449); m_note_label->Wrap(449);
CreateContactFields(prov); CreateContactFields(prov);
this->Layout(); this->Layout();
} }
//////////////////////////////////////////////////////////////////////
// wxEAPConfigWindow
//////////////////////////////////////////////////////////////////////
wxEAPConfigWindow::wxEAPConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, wxWindow* parent) :
m_prov(prov),
m_cfg(cfg),
wxScrolledWindow(parent, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxVSCROLL)
{
this->SetScrollRate(5, 5);
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPConfigWindow::OnInitDialog));
this->Connect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(wxEAPConfigWindow::OnUpdateUI));
}
wxEAPConfigWindow::~wxEAPConfigWindow()
{
// Disconnect Events
this->Disconnect(wxEVT_UPDATE_UI, wxUpdateUIEventHandler(wxEAPConfigWindow::OnUpdateUI));
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxEAPConfigWindow::OnInitDialog));
}
void wxEAPConfigWindow::OnInitDialog(wxInitDialogEvent& event)
{
UNREFERENCED_PARAMETER(event);
// Call TransferDataToWindow() manually, as wxScrolledWindow somehow skips that.
TransferDataToWindow();
}
void wxEAPConfigWindow::OnUpdateUI(wxUpdateUIEvent& event)
{
UNREFERENCED_PARAMETER(event);
if (m_parent && m_parent->IsKindOf(wxCLASSINFO(wxNotebook))) {
// We're a notebook page. Set the ID of our provider as our page label.
wxNotebook *notebook = (wxNotebook*)m_parent;
int idx = notebook->FindPage(this);
if (idx != wxNOT_FOUND)
notebook->SetPageText(idx, wxEAPGetProviderName(m_prov.m_id));
} else
this->SetLabel(wxEAPGetProviderName(m_prov.m_id));
}
//////////////////////////////////////////////////////////////////////
// wxEAPProviderIdentityPanel
//////////////////////////////////////////////////////////////////////
wxEAPProviderIdentityPanel::wxEAPProviderIdentityPanel(eap::config_provider &prov, wxWindow* parent) :
m_prov(prov),
wxEAPProviderIdentityPanelBase(parent)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_provider_id_icon, m_icon, m_shell32, MAKEINTRESOURCE(259));
}
bool wxEAPProviderIdentityPanel::TransferDataToWindow()
{
m_provider_name ->SetValue(m_prov.m_id );
m_provider_web ->SetValue(m_prov.m_help_web );
m_provider_email->SetValue(m_prov.m_help_email);
m_provider_phone->SetValue(m_prov.m_help_phone);
return wxEAPProviderIdentityPanelBase::TransferDataToWindow();
}
bool wxEAPProviderIdentityPanel::TransferDataFromWindow()
{
wxCHECK(wxEAPProviderIdentityPanelBase::TransferDataFromWindow(), false);
m_prov.m_id = m_provider_name ->GetValue();
m_prov.m_help_web = m_provider_web ->GetValue();
m_prov.m_help_email = m_provider_email->GetValue();
m_prov.m_help_phone = m_provider_phone->GetValue();
return true;
}
//////////////////////////////////////////////////////////////////////
// wxEAPProviderLockPanel
//////////////////////////////////////////////////////////////////////
wxEAPProviderLockPanel::wxEAPProviderLockPanel(eap::config_provider &prov, wxWindow* parent) :
m_prov(prov),
wxEAPProviderLockPanelBase(parent)
{
// Load and set icon.
if (m_shell32.load(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE))
wxSetIconFromResource(m_provider_lock_icon, m_icon, m_shell32, MAKEINTRESOURCE(1003));
}
bool wxEAPProviderLockPanel::TransferDataToWindow()
{
m_provider_lock->SetValue(m_prov.m_read_only);
return wxEAPProviderLockPanelBase::TransferDataToWindow();
}
bool wxEAPProviderLockPanel::TransferDataFromWindow()
{
wxCHECK(wxEAPProviderLockPanelBase::TransferDataFromWindow(), false);
m_prov.m_read_only = m_provider_lock->GetValue();
return true;
}
//////////////////////////////////////////////////////////////////////
// wxEAPConfigProvider
//////////////////////////////////////////////////////////////////////
wxEAPConfigProvider::wxEAPConfigProvider(eap::config_provider &prov, wxWindow* parent) :
m_prov(prov),
wxEAPGeneralDialog(parent, _("Provider Settings"))
{
// Set banner title.
m_banner->m_title->SetLabel(_("Provider Settings"));
m_identity = new wxEAPProviderIdentityPanel(prov, this);
AddContent(m_identity);
m_lock = new wxEAPProviderLockPanel(prov, this);
AddContent(m_lock);
m_identity->m_provider_name->SetFocusFromKbd();
}

BIN
lib/Events/res/EventsETW.man
View File

Binary file not shown.

2
lib/PAP/include/Credentials.h
View File

@@ -113,7 +113,7 @@ namespace eap
/// - \c true if credentials were set; /// - \c true if credentials were set;
/// - \c false otherwise /// - \c false otherwise
/// ///
bool combine( source_t combine(
_In_ const credentials_pap *cred_cached, _In_ const credentials_pap *cred_cached,
_In_ const config_method_pap &cfg, _In_ const config_method_pap &cfg,
_In_opt_z_ LPCTSTR pszTargetName); _In_opt_z_ LPCTSTR pszTargetName);

10
lib/PAP/src/Credentials.cpp
View File

@@ -75,7 +75,7 @@ LPCTSTR eap::credentials_pap::target_suffix() const
} }
bool eap::credentials_pap::combine( eap::credentials::source_t eap::credentials_pap::combine(
_In_ const credentials_pap *cred_cached, _In_ const credentials_pap *cred_cached,
_In_ const config_method_pap &cfg, _In_ const config_method_pap &cfg,
_In_opt_z_ LPCTSTR pszTargetName) _In_opt_z_ LPCTSTR pszTargetName)
@@ -84,14 +84,14 @@ bool eap::credentials_pap::combine(
// Using EAP service cached credentials. // Using EAP service cached credentials.
*this = *cred_cached; *this = *cred_cached;
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED1, event_data((unsigned int)eap_type_pap), event_data(credentials_pap::get_name()), event_data::blank); m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED1, event_data((unsigned int)eap_type_pap), event_data(credentials_pap::get_name()), event_data::blank);
return true; return source_cache;
} }
if (cfg.m_use_preshared) { if (cfg.m_use_preshared) {
// Using preshared credentials. // Using preshared credentials.
*this = *(credentials_pap*)cfg.m_preshared.get(); *this = *(credentials_pap*)cfg.m_preshared.get();
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_PRESHARED1, event_data((unsigned int)eap_type_pap), event_data(credentials_pap::get_name()), event_data::blank); m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_PRESHARED1, event_data((unsigned int)eap_type_pap), event_data(credentials_pap::get_name()), event_data::blank);
return true; return source_preshared;
} }
if (pszTargetName) { if (pszTargetName) {
@@ -102,11 +102,11 @@ bool eap::credentials_pap::combine(
// Using stored credentials. // Using stored credentials.
*this = std::move(cred_loaded); *this = std::move(cred_loaded);
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_STORED1, event_data((unsigned int)eap_type_pap), event_data(credentials_pap::get_name()), event_data::blank); m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_STORED1, event_data((unsigned int)eap_type_pap), event_data(credentials_pap::get_name()), event_data::blank);
return true; return source_storage;
} catch (...) { } catch (...) {
// Not actually an error. // Not actually an error.
} }
} }
return false; return source_unknown;
} }

4
lib/PAP_UI/include/PAP_UI.h
View File

@@ -25,7 +25,7 @@
/// ///
/// PAP credential configuration panel /// PAP credential configuration panel
/// ///
typedef wxEAPCredentialsConfigPanel<eap::credentials_pap, wxPasswordCredentialsPanel<eap::credentials_pap, wxEAPCredentialsPanelPassBase> > wxPAPCredentialsConfigPanel; typedef wxEAPCredentialsConfigPanel<eap::credentials_pap, wxPasswordCredentialsPanel<eap::credentials_pap, wxEAPCredentialsPassPanelBase> > wxPAPCredentialsConfigPanel;
/// ///
/// PAP configuration panel /// PAP configuration panel
@@ -35,7 +35,7 @@ class wxPAPConfigPanel;
/// ///
/// PAP credential entry panel /// PAP credential entry panel
/// ///
typedef wxPasswordCredentialsPanel<eap::credentials_pap, wxEAPCredentialsPanelPassBase> wxPAPCredentialsPanel; typedef wxPasswordCredentialsPanel<eap::credentials_pap, wxEAPCredentialsPassPanelBase> wxPAPCredentialsPanel;
#pragma once #pragma once

352
lib/TLS/include/Config.h
View File

@@ -1,176 +1,176 @@
/* /*
Copyright 2015-2016 Amebis Copyright 2015-2016 Amebis
Copyright 2016 GÉANT Copyright 2016 GÉANT
This file is part of GÉANTLink. This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>. along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include <WinStd/Common.h> #include <WinStd/Common.h>
#include <Windows.h> #include <Windows.h>
#include <WinCrypt.h> // Must include after <Windows.h> #include <WinCrypt.h> // Must include after <Windows.h>
#include <sal.h> #include <sal.h>
namespace eap namespace eap
{ {
/// ///
/// TLS configuration /// TLS configuration
/// ///
class config_method_tls; class config_method_tls;
/// ///
/// Helper function to compile human-readable certificate name for UI display /// Helper function to compile human-readable certificate name for UI display
/// ///
winstd::tstring get_cert_title(PCCERT_CONTEXT cert); winstd::tstring get_cert_title(PCCERT_CONTEXT cert);
} }
#pragma once #pragma once
#include "Credentials.h" #include "Credentials.h"
#include "Method.h" #include "Method.h"
#include "TLS.h" #include "TLS.h"
#include "../../EAPBase/include/Config.h" #include "../../EAPBase/include/Config.h"
#include <WinStd/Crypt.h> #include <WinStd/Crypt.h>
#include <Windows.h> #include <Windows.h>
#include <list> #include <list>
#include <string> #include <string>
namespace eap namespace eap
{ {
class config_method_tls : public config_method_with_cred class config_method_tls : public config_method_with_cred
{ {
public: public:
/// ///
/// Constructs configuration /// Constructs configuration
/// ///
/// \param[in] mod EAP module to use for global services /// \param[in] mod EAP module to use for global services
/// ///
config_method_tls(_In_ module &mod); config_method_tls(_In_ module &mod);
/// ///
/// Copies configuration /// Copies configuration
/// ///
/// \param[in] other Configuration to copy from /// \param[in] other Configuration to copy from
/// ///
config_method_tls(_In_ const config_method_tls &other); config_method_tls(_In_ const config_method_tls &other);
/// ///
/// Moves configuration /// Moves configuration
/// ///
/// \param[in] other Configuration to move from /// \param[in] other Configuration to move from
/// ///
config_method_tls(_Inout_ config_method_tls &&other); config_method_tls(_Inout_ config_method_tls &&other);
/// ///
/// Copies configuration /// Copies configuration
/// ///
/// \param[in] other Configuration to copy from /// \param[in] other Configuration to copy from
/// ///
/// \returns Reference to this object /// \returns Reference to this object
/// ///
config_method_tls& operator=(_In_ const config_method_tls &other); config_method_tls& operator=(_In_ const config_method_tls &other);
/// ///
/// Moves configuration /// Moves configuration
/// ///
/// \param[in] other Configuration to move from /// \param[in] other Configuration to move from
/// ///
/// \returns Reference to this object /// \returns Reference to this object
/// ///
config_method_tls& operator=(_Inout_ config_method_tls &&other); config_method_tls& operator=(_Inout_ config_method_tls &&other);
/// ///
/// Clones configuration /// Clones configuration
/// ///
/// \returns Pointer to cloned configuration /// \returns Pointer to cloned configuration
/// ///
virtual config* clone() const; virtual config* clone() const;
/// \name XML configuration management /// \name XML configuration management
/// @{ /// @{
/// ///
/// Save to XML document /// Save to XML document
/// ///
/// \param[in] pDoc XML document /// \param[in] pDoc XML document
/// \param[in] pConfigRoot Suggested root element for saving /// \param[in] pConfigRoot Suggested root element for saving
/// ///
virtual void save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const; virtual void save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const;
/// ///
/// Load from XML document /// Load from XML document
/// ///
/// \param[in] pConfigRoot Root element for loading /// \param[in] pConfigRoot Root element for loading
/// ///
virtual void load(_In_ IXMLDOMNode *pConfigRoot); virtual void load(_In_ IXMLDOMNode *pConfigRoot);
/// @} /// @}
/// \name BLOB management /// \name BLOB management
/// @{ /// @{
/// ///
/// Packs a configuration /// Packs a configuration
/// ///
/// \param[inout] cursor Memory cursor /// \param[inout] cursor Memory cursor
/// ///
virtual void operator<<(_Inout_ cursor_out &cursor) const; virtual void operator<<(_Inout_ cursor_out &cursor) const;
/// ///
/// Returns packed size of a configuration /// Returns packed size of a configuration
/// ///
/// \returns Size of data when packed (in bytes) /// \returns Size of data when packed (in bytes)
/// ///
virtual size_t get_pk_size() const; virtual size_t get_pk_size() const;
/// ///
/// Unpacks a configuration /// Unpacks a configuration
/// ///
/// \param[inout] cursor Memory cursor /// \param[inout] cursor Memory cursor
/// ///
virtual void operator>>(_Inout_ cursor_in &cursor); virtual void operator>>(_Inout_ cursor_in &cursor);
/// @} /// @}
/// ///
/// Returns EAP method type of this configuration /// Returns EAP method type of this configuration
/// ///
/// \returns `eap::type_tls` /// \returns `eap::type_tls`
/// ///
virtual winstd::eap_type_t get_method_id() const; virtual winstd::eap_type_t get_method_id() const;
/// ///
/// Adds CA to the list of trusted root CA's /// Adds CA to the list of trusted root CA's
/// ///
/// \sa [CertCreateCertificateContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa376033.aspx) /// \sa [CertCreateCertificateContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa376033.aspx)
/// ///
bool add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded); bool add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded);
public: public:
std::list<winstd::cert_context> m_trusted_root_ca; ///< Trusted root CAs std::list<winstd::cert_context> m_trusted_root_ca; ///< Trusted root CAs
std::list<std::string> m_server_names; ///< Acceptable authenticating server names std::list<std::wstring> m_server_names; ///< Acceptable authenticating server names
// Following members are used for session resumptions. They are not exported/imported to XML. // Following members are used for session resumptions. They are not exported/imported to XML.
sanitizing_blob m_session_id; ///< TLS session ID sanitizing_blob m_session_id; ///< TLS session ID
tls_master_secret m_master_secret; ///< TLS master secret tls_master_secret m_master_secret; ///< TLS master secret
}; };
} }

2
lib/TLS/include/Credentials.h
View File

@@ -200,7 +200,7 @@ namespace eap
/// - \c true if credentials were set; /// - \c true if credentials were set;
/// - \c false otherwise /// - \c false otherwise
/// ///
bool combine( source_t combine(
_In_ const credentials_tls *cred_cached, _In_ const credentials_tls *cred_cached,
_In_ const config_method_tls &cfg, _In_ const config_method_tls &cfg,
_In_opt_z_ LPCTSTR pszTargetName); _In_opt_z_ LPCTSTR pszTargetName);

34
lib/TLS/include/Method.h
View File

@@ -248,15 +248,6 @@ namespace eap
/// ///
sanitizing_blob make_client_key_exchange(_In_ const tls_master_secret &pms) const; sanitizing_blob make_client_key_exchange(_In_ const tls_master_secret &pms) const;
///
/// Makes a TLS change cipher spec message
///
/// \sa [The Transport Layer Security (TLS) Protocol Version 1.2 (Chapter A.1. Record Layer)](https://tools.ietf.org/html/rfc5246#appendix-A.1)
///
/// \returns Change cipher spec
///
eap::sanitizing_blob make_change_chiper_spec() const;
/// ///
/// Makes a TLS finished message /// Makes a TLS finished message
/// ///
@@ -476,6 +467,7 @@ namespace eap
/// ///
/// \sa [How to export and import plain text session keys by using CryptoAPI](https://support.microsoft.com/en-us/kb/228786) /// \sa [How to export and import plain text session keys by using CryptoAPI](https://support.microsoft.com/en-us/kb/228786)
/// ///
/// \param[in] cp Handle of the cryptographics provider
/// \param[in] alg Key algorithm /// \param[in] alg Key algorithm
/// \param[in] key Key that decrypts \p secret /// \param[in] key Key that decrypts \p secret
/// \param[in] secret Key data /// \param[in] secret Key data
@@ -484,10 +476,11 @@ namespace eap
/// \returns Key /// \returns Key
/// ///
HCRYPTKEY create_key( HCRYPTKEY create_key(
_In_ ALG_ID alg, _In_ HCRYPTPROV cp,
_In_ HCRYPTKEY key, _In_ ALG_ID alg,
_In_bytecount_(size_secret) const void *secret, _In_ HCRYPTKEY key,
_In_ size_t size_secret); _In_bytecount_(size_secret) const void *secret,
_In_ size_t size_secret);
protected: protected:
credentials_tls &m_cred; ///< EAP-TLS user credentials credentials_tls &m_cred; ///< EAP-TLS user credentials
@@ -496,7 +489,8 @@ namespace eap
packet m_packet_res; ///< Response packet packet m_packet_res; ///< Response packet
winstd::crypt_prov m_cp; ///< Cryptography provider for general services winstd::crypt_prov m_cp; ///< Cryptography provider for general services
winstd::crypt_prov m_cp_enc; ///< Cryptography provider for encryption winstd::crypt_prov m_cp_enc_client; ///< Cryptography provider for encryption
winstd::crypt_prov m_cp_enc_server; ///< Cryptography provider for encryption
winstd::crypt_key m_key_exp1; ///< Key for importing derived keys winstd::crypt_key m_key_exp1; ///< Key for importing derived keys
tls_version m_tls_version; ///< TLS version in use tls_version m_tls_version; ///< TLS version in use
@@ -522,9 +516,15 @@ namespace eap
winstd::crypt_hash m_hash_handshake_msgs_sha1; ///< Running SHA-1 hash of handshake messages winstd::crypt_hash m_hash_handshake_msgs_sha1; ///< Running SHA-1 hash of handshake messages
winstd::crypt_hash m_hash_handshake_msgs_sha256; ///< Running SHA-256 hash of handshake messages winstd::crypt_hash m_hash_handshake_msgs_sha256; ///< Running SHA-256 hash of handshake messages
bool m_certificate_req; ///< Did server request client certificate? bool m_handshake[tls_handshake_type_max]; ///< Handshake flags (map od handshake messages received)
bool m_server_hello_done; ///< Is server hello done?
bool m_server_finished; ///< Did server send a valid finish message? enum {
phase_unknown = -1, ///< Unknown phase
phase_client_hello = 0, ///< Send client hello
phase_server_hello, ///< Wait for server hello
phase_change_cipher_spec, ///< Wait for change cipher spec
phase_application_data ///< Exchange application data
} m_phase; ///< What phase is our communication at?
unsigned __int64 m_seq_num_client; ///< Sequence number for encrypting unsigned __int64 m_seq_num_client; ///< Sequence number for encrypting
unsigned __int64 m_seq_num_server; ///< Sequence number for decrypting unsigned __int64 m_seq_num_server; ///< Sequence number for decrypting

30
lib/TLS/include/TLS.h
View File

@@ -148,7 +148,10 @@ namespace eap
tls_handshake_type_server_hello_done = 14, tls_handshake_type_server_hello_done = 14,
tls_handshake_type_certificate_verify = 15, tls_handshake_type_certificate_verify = 15,
tls_handshake_type_client_key_exchange = 16, tls_handshake_type_client_key_exchange = 16,
tls_handshake_type_finished = 20 tls_handshake_type_finished = 20,
tls_handshake_type_min = 0, ///< First existing handshake message
tls_handshake_type_max = 21 ///< First non-existing (officially) handshake message
}; };
@@ -512,28 +515,3 @@ namespace eap
hmac_padding m_padding_hmac; ///< Padding (key) for HMAC calculation hmac_padding m_padding_hmac; ///< Padding (key) for HMAC calculation
}; };
} }
//inline void operator<<(_Inout_ eap::cursor_out &cursor, _In_ const eap::tls_conn_state &val)
//{
// cursor << val.m_master_secret;
// cursor << val.m_random_client;
// cursor << val.m_random_server;
//}
//
//
//inline size_t pksizeof(_In_ const eap::tls_conn_state &val)
//{
// return
// pksizeof(val.m_master_secret) +
// pksizeof(val.m_random_client) +
// pksizeof(val.m_random_server);
//}
//
//
//inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ eap::tls_conn_state &val)
//{
// cursor >> val.m_master_secret;
// cursor >> val.m_random_client;
// cursor >> val.m_random_server;
//}

603
lib/TLS/src/Config.cpp
View File

@@ -1,305 +1,298 @@
/* /*
Copyright 2015-2016 Amebis Copyright 2015-2016 Amebis
Copyright 2016 GÉANT Copyright 2016 GÉANT
This file is part of GÉANTLink. This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>. along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "StdAfx.h" #include "StdAfx.h"
#pragma comment(lib, "Cryptui.lib") #pragma comment(lib, "Cryptui.lib")
using namespace std; using namespace std;
using namespace winstd; using namespace winstd;
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// eap::get_cert_title // eap::get_cert_title
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
tstring eap::get_cert_title(PCCERT_CONTEXT cert) tstring eap::get_cert_title(PCCERT_CONTEXT cert)
{ {
tstring name, str, issuer, title; tstring name, str, issuer, title;
FILETIME ft; FILETIME ft;
SYSTEMTIME st; SYSTEMTIME st;
// Prepare certificate information // Prepare certificate information
CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name); CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name);
title += name; title += name;
FileTimeToLocalFileTime(&(cert->pCertInfo->NotBefore), &ft); FileTimeToLocalFileTime(&(cert->pCertInfo->NotBefore), &ft);
FileTimeToSystemTime(&ft, &st); FileTimeToSystemTime(&ft, &st);
GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, str); GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, str);
title += _T(", "); title += _T(", ");
title += str; title += str;
FileTimeToLocalFileTime(&(cert->pCertInfo->NotAfter ), &ft); FileTimeToLocalFileTime(&(cert->pCertInfo->NotAfter ), &ft);
FileTimeToSystemTime(&ft, &st); FileTimeToSystemTime(&ft, &st);
GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, str); GetDateFormat(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &st, NULL, str);
title += _T('-'); title += _T('-');
title += str; title += str;
CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, issuer); CertGetNameString(cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, issuer);
if (name != issuer) { if (name != issuer) {
title += _T(", "); title += _T(", ");
title += issuer; title += issuer;
} }
return title; return title;
} }
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// eap::config_method_tls // eap::config_method_tls
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
eap::config_method_tls::config_method_tls(_In_ module &mod) : config_method_with_cred(mod) eap::config_method_tls::config_method_tls(_In_ module &mod) : config_method_with_cred(mod)
{ {
m_preshared.reset(new credentials_tls(mod)); m_preshared.reset(new credentials_tls(mod));
} }
eap::config_method_tls::config_method_tls(_In_ const config_method_tls &other) : eap::config_method_tls::config_method_tls(_In_ const config_method_tls &other) :
m_trusted_root_ca(other.m_trusted_root_ca), m_trusted_root_ca(other.m_trusted_root_ca),
m_server_names(other.m_server_names), m_server_names(other.m_server_names),
m_session_id(other.m_session_id), m_session_id(other.m_session_id),
m_master_secret(other.m_master_secret), m_master_secret(other.m_master_secret),
config_method_with_cred(other) config_method_with_cred(other)
{ {
} }
eap::config_method_tls::config_method_tls(_Inout_ config_method_tls &&other) : eap::config_method_tls::config_method_tls(_Inout_ config_method_tls &&other) :
m_trusted_root_ca(std::move(other.m_trusted_root_ca)), m_trusted_root_ca(std::move(other.m_trusted_root_ca)),
m_server_names(std::move(other.m_server_names)), m_server_names(std::move(other.m_server_names)),
m_session_id(std::move(other.m_session_id)), m_session_id(std::move(other.m_session_id)),
m_master_secret(std::move(other.m_master_secret)), m_master_secret(std::move(other.m_master_secret)),
config_method_with_cred(std::move(other)) config_method_with_cred(std::move(other))
{ {
} }
eap::config_method_tls& eap::config_method_tls::operator=(_In_ const config_method_tls &other) eap::config_method_tls& eap::config_method_tls::operator=(_In_ const config_method_tls &other)
{ {
if (this != &other) { if (this != &other) {
(config_method_with_cred&)*this = other; (config_method_with_cred&)*this = other;
m_trusted_root_ca = other.m_trusted_root_ca; m_trusted_root_ca = other.m_trusted_root_ca;
m_server_names = other.m_server_names; m_server_names = other.m_server_names;
m_session_id = other.m_session_id; m_session_id = other.m_session_id;
m_master_secret = other.m_master_secret; m_master_secret = other.m_master_secret;
} }
return *this; return *this;
} }
eap::config_method_tls& eap::config_method_tls::operator=(_Inout_ config_method_tls &&other) eap::config_method_tls& eap::config_method_tls::operator=(_Inout_ config_method_tls &&other)
{ {
if (this != &other) { if (this != &other) {
(config_method_with_cred&&)*this = std::move(other); (config_method_with_cred&&)*this = std::move(other);
m_trusted_root_ca = std::move(other.m_trusted_root_ca); m_trusted_root_ca = std::move(other.m_trusted_root_ca);
m_server_names = std::move(other.m_server_names); m_server_names = std::move(other.m_server_names);
m_session_id = std::move(other.m_session_id); m_session_id = std::move(other.m_session_id);
m_master_secret = std::move(other.m_master_secret); m_master_secret = std::move(other.m_master_secret);
} }
return *this; return *this;
} }
eap::config* eap::config_method_tls::clone() const eap::config* eap::config_method_tls::clone() const
{ {
return new config_method_tls(*this); return new config_method_tls(*this);
} }
void eap::config_method_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const void eap::config_method_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
{ {
assert(pDoc); assert(pDoc);
assert(pConfigRoot); assert(pConfigRoot);
config_method_with_cred::save(pDoc, pConfigRoot); config_method_with_cred::save(pDoc, pConfigRoot);
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata"); const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
HRESULT hr; HRESULT hr;
// <ServerSideCredential> // <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential; com_obj<IXMLDOMElement> pXmlElServerSideCredential;
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential))) if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), bstr(L"ServerSideCredential"), bstrNamespace, &pXmlElServerSideCredential)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerSideCredential> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerSideCredential> element.");
for (list<cert_context>::const_iterator i = m_trusted_root_ca.begin(), i_end = m_trusted_root_ca.end(); i != i_end; ++i) { for (list<cert_context>::const_iterator i = m_trusted_root_ca.begin(), i_end = m_trusted_root_ca.end(); i != i_end; ++i) {
// <CA> // <CA>
com_obj<IXMLDOMElement> pXmlElCA; com_obj<IXMLDOMElement> pXmlElCA;
if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA))) if (FAILED(hr = eapxml::create_element(pDoc, bstr(L"CA"), bstrNamespace, &pXmlElCA)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <CA> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <CA> element.");
// <CA>/<format> // <CA>/<format>
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM")))) if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElCA, bstr(L"format"), bstrNamespace, bstr(L"PEM"))))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <format> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <format> element.");
// <CA>/<cert-data> // <CA>/<cert-data>
const cert_context &cc = *i; const cert_context &cc = *i;
if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded))) if (FAILED(hr = eapxml::put_element_base64(pDoc, pXmlElCA, bstr(L"cert-data"), bstrNamespace, cc->pbCertEncoded, cc->cbCertEncoded)))
throw com_runtime_error(hr, __FUNCTION__ " Error creating <cert-data> element."); throw com_runtime_error(hr, __FUNCTION__ " Error creating <cert-data> element.");
if (FAILED(hr = pXmlElServerSideCredential->appendChild(pXmlElCA, NULL))) if (FAILED(hr = pXmlElServerSideCredential->appendChild(pXmlElCA, NULL)))
throw com_runtime_error(hr, __FUNCTION__ " Error appending <CA> element."); throw com_runtime_error(hr, __FUNCTION__ " Error appending <CA> element.");
} }
// <ServerName> // <ServerName>
for (list<string>::const_iterator i = m_server_names.begin(), i_end = m_server_names.end(); i != i_end; ++i) { for (list<wstring>::const_iterator i = m_server_names.begin(), i_end = m_server_names.end(); i != i_end; ++i) {
wstring str; if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(*i))))
MultiByteToWideChar(CP_UTF8, 0, i->c_str(), (int)i->length(), str); throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerName> element.");
if (FAILED(hr = eapxml::put_element_value(pDoc, pXmlElServerSideCredential, bstr(L"ServerName"), bstrNamespace, bstr(str)))) }
throw com_runtime_error(hr, __FUNCTION__ " Error creating <ServerName> element."); }
}
}
void eap::config_method_tls::load(_In_ IXMLDOMNode *pConfigRoot)
{
void eap::config_method_tls::load(_In_ IXMLDOMNode *pConfigRoot) assert(pConfigRoot);
{
assert(pConfigRoot); config_method_with_cred::load(pConfigRoot);
config_method_with_cred::load(pConfigRoot); std::wstring xpath(eapxml::get_xpath(pConfigRoot));
std::wstring xpath(eapxml::get_xpath(pConfigRoot)); m_trusted_root_ca.clear();
m_server_names.clear();
m_trusted_root_ca.clear();
m_server_names.clear(); // <ServerSideCredential>
com_obj<IXMLDOMElement> pXmlElServerSideCredential;
// <ServerSideCredential> if (SUCCEEDED(eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), &pXmlElServerSideCredential))) {
com_obj<IXMLDOMElement> pXmlElServerSideCredential; std::wstring xpathServerSideCredential(xpath + L"/ServerSideCredential");
if (SUCCEEDED(eapxml::select_element(pConfigRoot, bstr(L"eap-metadata:ServerSideCredential"), &pXmlElServerSideCredential))) {
std::wstring xpathServerSideCredential(xpath + L"/ServerSideCredential"); // <CA>
com_obj<IXMLDOMNodeList> pXmlListCAs;
// <CA> long lCACount = 0;
com_obj<IXMLDOMNodeList> pXmlListCAs; if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:CA"), &pXmlListCAs)) && SUCCEEDED(pXmlListCAs->get_length(&lCACount))) {
long lCACount = 0; for (long j = 0; j < lCACount; j++) {
if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:CA"), &pXmlListCAs)) && SUCCEEDED(pXmlListCAs->get_length(&lCACount))) { // Load CA certificate.
for (long j = 0; j < lCACount; j++) { com_obj<IXMLDOMNode> pXmlElCA;
// Load CA certificate. pXmlListCAs->get_item(j, &pXmlElCA);
com_obj<IXMLDOMNode> pXmlElCA; bstr bstrFormat;
pXmlListCAs->get_item(j, &pXmlElCA); if (FAILED(eapxml::get_element_value(pXmlElCA, bstr(L"eap-metadata:format"), &bstrFormat))) {
bstr bstrFormat; // <format> not specified.
if (FAILED(eapxml::get_element_value(pXmlElCA, bstr(L"eap-metadata:format"), &bstrFormat))) { continue;
// <format> not specified. }
continue;
} if (CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrFormat, bstrFormat.length(), L"PEM", -1, NULL, NULL, 0) != CSTR_EQUAL) {
// Certificate must be PEM encoded.
if (CompareStringEx(LOCALE_NAME_INVARIANT, NORM_IGNORECASE, bstrFormat, bstrFormat.length(), L"PEM", -1, NULL, NULL, 0) != CSTR_EQUAL) { continue;
// Certificate must be PEM encoded. }
continue;
} vector<unsigned char> aData;
if (FAILED(eapxml::get_element_base64(pXmlElCA, bstr(L"eap-metadata:cert-data"), aData))) {
vector<unsigned char> aData; // Error reading <cert-data> element.
if (FAILED(eapxml::get_element_base64(pXmlElCA, bstr(L"eap-metadata:cert-data"), aData))) { continue;
// Error reading <cert-data> element. }
continue;
} add_trusted_ca(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, aData.data(), (DWORD)aData.size());
}
add_trusted_ca(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, aData.data(), (DWORD)aData.size());
} // Log loaded CA certificates.
list<tstring> cert_names;
// Log loaded CA certificates. for (std::list<winstd::cert_context>::const_iterator cert = m_trusted_root_ca.cbegin(), cert_end = m_trusted_root_ca.cend(); cert != cert_end; ++cert)
list<tstring> cert_names; cert_names.push_back(std::move(get_cert_title(*cert)));
for (std::list<winstd::cert_context>::const_iterator cert = m_trusted_root_ca.cbegin(), cert_end = m_trusted_root_ca.cend(); cert != cert_end; ++cert) m_module.log_config((xpathServerSideCredential + L"/CA").c_str(), cert_names);
cert_names.push_back(std::move(get_cert_title(*cert))); }
m_module.log_config((xpathServerSideCredential + L"/CA").c_str(), cert_names);
} // <ServerName>
com_obj<IXMLDOMNodeList> pXmlListServerIDs;
// <ServerName> long lServerIDCount = 0;
com_obj<IXMLDOMNodeList> pXmlListServerIDs; if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:ServerName"), &pXmlListServerIDs)) && SUCCEEDED(pXmlListServerIDs->get_length(&lServerIDCount))) {
long lServerIDCount = 0; for (long j = 0; j < lServerIDCount; j++) {
if (SUCCEEDED(eapxml::select_nodes(pXmlElServerSideCredential, bstr(L"eap-metadata:ServerName"), &pXmlListServerIDs)) && SUCCEEDED(pXmlListServerIDs->get_length(&lServerIDCount))) { // Load server name (<ServerName>).
for (long j = 0; j < lServerIDCount; j++) { com_obj<IXMLDOMNode> pXmlElServerID;
// Load server name (<ServerName>). pXmlListServerIDs->get_item(j, &pXmlElServerID);
com_obj<IXMLDOMNode> pXmlElServerID; bstr bstrServerID;
pXmlListServerIDs->get_item(j, &pXmlElServerID); pXmlElServerID->get_text(&bstrServerID);
bstr bstrServerID; m_server_names.push_back(wstring(bstrServerID));
pXmlElServerID->get_text(&bstrServerID); }
// Server names (FQDNs) are always ASCII. Hopefully. Convert them to UTF-8 anyway for consistent comparison. CP_ANSI varies. m_module.log_config((xpathServerSideCredential + L"/ServerName").c_str(), m_server_names);
string str; }
WideCharToMultiByte(CP_UTF8, 0, bstrServerID, bstrServerID.length(), str, NULL, NULL); }
}
m_server_names.push_back(str);
}
void eap::config_method_tls::operator<<(_Inout_ cursor_out &cursor) const
m_module.log_config((xpathServerSideCredential + L"/ServerName").c_str(), m_server_names); {
} config_method_with_cred::operator<<(cursor);
} cursor << m_trusted_root_ca;
} cursor << m_server_names ;
cursor << m_session_id ;
cursor << m_master_secret ;
void eap::config_method_tls::operator<<(_Inout_ cursor_out &cursor) const }
{
config_method_with_cred::operator<<(cursor);
cursor << m_trusted_root_ca; size_t eap::config_method_tls::get_pk_size() const
cursor << m_server_names ; {
cursor << m_session_id ; return
cursor << m_master_secret ; config_method_with_cred::get_pk_size() +
} pksizeof(m_trusted_root_ca) +
pksizeof(m_server_names ) +
pksizeof(m_session_id ) +
size_t eap::config_method_tls::get_pk_size() const pksizeof(m_master_secret );
{ }
return
config_method_with_cred::get_pk_size() +
pksizeof(m_trusted_root_ca) + void eap::config_method_tls::operator>>(_Inout_ cursor_in &cursor)
pksizeof(m_server_names ) + {
pksizeof(m_session_id ) + config_method_with_cred::operator>>(cursor);
pksizeof(m_master_secret ); cursor >> m_trusted_root_ca;
} cursor >> m_server_names ;
cursor >> m_session_id ;
cursor >> m_master_secret ;
void eap::config_method_tls::operator>>(_Inout_ cursor_in &cursor) }
{
config_method_with_cred::operator>>(cursor);
cursor >> m_trusted_root_ca; eap_type_t eap::config_method_tls::get_method_id() const
cursor >> m_server_names ; {
cursor >> m_session_id ; return eap_type_tls;
cursor >> m_master_secret ; }
}
bool eap::config_method_tls::add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded)
eap_type_t eap::config_method_tls::get_method_id() const {
{ cert_context cert;
return eap_type_tls; if (!cert.create(dwCertEncodingType, pbCertEncoded, cbCertEncoded)) {
} // Invalid or unsupported certificate.
return false;
}
bool eap::config_method_tls::add_trusted_ca(_In_ DWORD dwCertEncodingType, _In_ const BYTE *pbCertEncoded, _In_ DWORD cbCertEncoded)
{ for (list<cert_context>::const_iterator i = m_trusted_root_ca.cbegin(), i_end = m_trusted_root_ca.cend();; ++i) {
cert_context cert; if (i != i_end) {
if (!cert.create(dwCertEncodingType, pbCertEncoded, cbCertEncoded)) { if (*i == cert) {
// Invalid or unsupported certificate. // This certificate is already on the list.
return false; return false;
} }
} else {
for (list<cert_context>::const_iterator i = m_trusted_root_ca.cbegin(), i_end = m_trusted_root_ca.cend();; ++i) { // End of list reached. Append certificate.
if (i != i_end) { m_trusted_root_ca.push_back(std::move(cert));
if (*i == cert) { return true;
// This certificate is already on the list. }
return false; }
} }
} else {
// End of list reached. Append certificate.
m_trusted_root_ca.push_back(std::move(cert));
return true;
}
}
}

10
lib/TLS/src/Credentials.cpp
View File

@@ -254,7 +254,7 @@ tstring eap::credentials_tls::get_name() const
} }
bool eap::credentials_tls::combine( eap::credentials::source_t eap::credentials_tls::combine(
_In_ const credentials_tls *cred_cached, _In_ const credentials_tls *cred_cached,
_In_ const config_method_tls &cfg, _In_ const config_method_tls &cfg,
_In_opt_z_ LPCTSTR pszTargetName) _In_opt_z_ LPCTSTR pszTargetName)
@@ -263,14 +263,14 @@ bool eap::credentials_tls::combine(
// Using EAP service cached credentials. // Using EAP service cached credentials.
*this = *cred_cached; *this = *cred_cached;
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank); m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank);
return true; return source_cache;
} }
if (cfg.m_use_preshared) { if (cfg.m_use_preshared) {
// Using preshared credentials. // Using preshared credentials.
*this = *(credentials_tls*)cfg.m_preshared.get(); *this = *(credentials_tls*)cfg.m_preshared.get();
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_PRESHARED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank); m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_PRESHARED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank);
return true; return source_preshared;
} }
if (pszTargetName) { if (pszTargetName) {
@@ -281,13 +281,13 @@ bool eap::credentials_tls::combine(
// Using stored credentials. // Using stored credentials.
*this = std::move(cred_loaded); *this = std::move(cred_loaded);
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_STORED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank); m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_STORED1, event_data((unsigned int)eap_type_tls), event_data(credentials_tls::get_name()), event_data::blank);
return true; return source_storage;
} catch (...) { } catch (...) {
// Not actually an error. // Not actually an error.
} }
} }
return false; return source_unknown;
} }

3175
lib/TLS/src/Method.cpp
View File

File diff suppressed because it is too large Load Diff

684
lib/TLS_UI/include/TLS_UI.h
View File

@@ -1,342 +1,342 @@
/* /*
Copyright 2015-2016 Amebis Copyright 2015-2016 Amebis
Copyright 2016 GÉANT Copyright 2016 GÉANT
This file is part of GÉANTLink. This file is part of GÉANTLink.
GÉANTLink is free software: you can redistribute it and/or modify it GÉANTLink is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
GÉANTLink is distributed in the hope that it will be useful, but GÉANTLink is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>. along with GÉANTLink. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "../../EAPBase_UI/include/EAP_UI.h" #include "../../EAPBase_UI/include/EAP_UI.h"
#include "../../TLS/include/Config.h" #include "../../TLS/include/Config.h"
#include "../../TLS/include/Credentials.h" #include "../../TLS/include/Credentials.h"
#include <WinStd/Common.h> #include <WinStd/Common.h>
#include <wx/filedlg.h> #include <wx/filedlg.h>
#include <wx/msgdlg.h> #include <wx/msgdlg.h>
#include <Windows.h> #include <Windows.h>
#include <cryptuiapi.h> #include <cryptuiapi.h>
#include <WinCrypt.h> // Must include after <Windows.h> #include <WinCrypt.h> // Must include after <Windows.h>
#include <list> #include <list>
#include <string> #include <string>
/// ///
/// Helper class for auto-destroyable certificates used in wxWidget's item containers /// Helper class for auto-destroyable certificates used in wxWidget's item containers
/// ///
class wxCertificateClientData; class wxCertificateClientData;
/// ///
/// Validator for host name /// Validator for host name
/// ///
class wxHostNameValidator; class wxHostNameValidator;
/// ///
/// Validator for FQDN /// Validator for FQDN
/// ///
class wxFQDNValidator; class wxFQDNValidator;
/// ///
/// Validator for FQDN lists /// Validator for FQDN lists
/// ///
class wxFQDNListValidator; class wxFQDNListValidator;
/// ///
/// TLS credential panel /// TLS credential panel
/// ///
class wxTLSCredentialsPanel; class wxTLSCredentialsPanel;
/// ///
/// TLS server trust configuration panel /// TLS server trust configuration panel
/// ///
class wxTLSServerTrustPanel; class wxTLSServerTrustPanel;
/// ///
/// TLS credentials configuration panel /// TLS credentials configuration panel
/// ///
typedef wxEAPCredentialsConfigPanel<eap::credentials_tls, wxTLSCredentialsPanel> wxTLSCredentialsConfigPanel; typedef wxEAPCredentialsConfigPanel<eap::credentials_tls, wxTLSCredentialsPanel> wxTLSCredentialsConfigPanel;
/// ///
/// TLS configuration panel /// TLS configuration panel
/// ///
class wxTLSConfigPanel; class wxTLSConfigPanel;
#pragma once #pragma once
#include "../res/wxTLS_UI.h" #include "../res/wxTLS_UI.h"
#include <WinStd/Win.h> #include <WinStd/Win.h>
#include <wx/clntdata.h> #include <wx/clntdata.h>
#include <wx/icon.h> #include <wx/icon.h>
#include <wx/panel.h> #include <wx/panel.h>
#include <wx/textctrl.h> #include <wx/textctrl.h>
#include <wx/validate.h> #include <wx/validate.h>
#include <list> #include <list>
#include <string> #include <string>
#include <vector> #include <vector>
class wxCertificateClientData : public wxClientData class wxCertificateClientData : public wxClientData
{ {
public: public:
/// ///
/// Constructs client data object with existing handle /// Constructs client data object with existing handle
/// ///
wxCertificateClientData(PCCERT_CONTEXT cert); wxCertificateClientData(PCCERT_CONTEXT cert);
/// ///
/// Releases certificate handle and destructs the object /// Releases certificate handle and destructs the object
/// ///
virtual ~wxCertificateClientData(); virtual ~wxCertificateClientData();
public: public:
PCCERT_CONTEXT m_cert; ///< Certificate PCCERT_CONTEXT m_cert; ///< Certificate
}; };
class wxHostNameValidator : public wxValidator class wxHostNameValidator : public wxValidator
{ {
wxDECLARE_DYNAMIC_CLASS(wxHostNameValidator); wxDECLARE_DYNAMIC_CLASS(wxHostNameValidator);
wxDECLARE_NO_ASSIGN_CLASS(wxHostNameValidator); wxDECLARE_NO_ASSIGN_CLASS(wxHostNameValidator);
public: public:
/// ///
/// Construct the validator with a value to store data /// Construct the validator with a value to store data
/// ///
wxHostNameValidator(std::string *val = NULL); wxHostNameValidator(std::wstring *val = NULL);
/// ///
/// Copy constructor /// Copy constructor
/// ///
wxHostNameValidator(const wxHostNameValidator &other); wxHostNameValidator(const wxHostNameValidator &other);
/// ///
/// Copies this validator /// Copies this validator
/// ///
virtual wxObject* Clone() const; virtual wxObject* Clone() const;
/// ///
/// Validates the value /// Validates the value
/// ///
virtual bool Validate(wxWindow *parent); virtual bool Validate(wxWindow *parent);
/// ///
/// Transfers the value to the window /// Transfers the value to the window
/// ///
virtual bool TransferToWindow(); virtual bool TransferToWindow();
/// ///
/// Transfers the value from the window /// Transfers the value from the window
/// ///
virtual bool TransferFromWindow(); virtual bool TransferFromWindow();
/// ///
/// Parses FQDN value /// Parses FQDN value
/// ///
static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::string *val_out = NULL); static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::wstring *val_out = NULL);
protected: protected:
std::string *m_val; ///< Pointer to variable to receive control's parsed value std::wstring *m_val; ///< Pointer to variable to receive control's parsed value
}; };
class wxFQDNValidator : public wxValidator class wxFQDNValidator : public wxValidator
{ {
wxDECLARE_DYNAMIC_CLASS(wxFQDNValidator); wxDECLARE_DYNAMIC_CLASS(wxFQDNValidator);
wxDECLARE_NO_ASSIGN_CLASS(wxFQDNValidator); wxDECLARE_NO_ASSIGN_CLASS(wxFQDNValidator);
public: public:
/// ///
/// Construct the validator with a value to store data /// Construct the validator with a value to store data
/// ///
wxFQDNValidator(std::string *val = NULL); wxFQDNValidator(std::wstring *val = NULL);
/// ///
/// Copy constructor /// Copy constructor
/// ///
wxFQDNValidator(const wxFQDNValidator &other); wxFQDNValidator(const wxFQDNValidator &other);
/// ///
/// Copies this validator /// Copies this validator
/// ///
virtual wxObject* Clone() const; virtual wxObject* Clone() const;
/// ///
/// Validates the value /// Validates the value
/// ///
virtual bool Validate(wxWindow *parent); virtual bool Validate(wxWindow *parent);
/// ///
/// Transfers the value to the window /// Transfers the value to the window
/// ///
virtual bool TransferToWindow(); virtual bool TransferToWindow();
/// ///
/// Transfers the value from the window /// Transfers the value from the window
/// ///
virtual bool TransferFromWindow(); virtual bool TransferFromWindow();
/// ///
/// Parses FQDN value /// Parses FQDN value
/// ///
static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::string *val_out = NULL); static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::wstring *val_out = NULL);
protected: protected:
std::string *m_val; ///< Pointer to variable to receive control's parsed value std::wstring *m_val; ///< Pointer to variable to receive control's parsed value
}; };
class wxFQDNListValidator : public wxValidator class wxFQDNListValidator : public wxValidator
{ {
wxDECLARE_DYNAMIC_CLASS(wxFQDNListValidator); wxDECLARE_DYNAMIC_CLASS(wxFQDNListValidator);
wxDECLARE_NO_ASSIGN_CLASS(wxFQDNListValidator); wxDECLARE_NO_ASSIGN_CLASS(wxFQDNListValidator);
public: public:
/// ///
/// Construct the validator with a value to store data /// Construct the validator with a value to store data
/// ///
wxFQDNListValidator(std::list<std::string> *val = NULL); wxFQDNListValidator(std::list<std::wstring> *val = NULL);
/// ///
/// Copy constructor /// Copy constructor
/// ///
wxFQDNListValidator(const wxFQDNListValidator &other); wxFQDNListValidator(const wxFQDNListValidator &other);
/// ///
/// Copies this validator /// Copies this validator
/// ///
virtual wxObject* Clone() const; virtual wxObject* Clone() const;
/// ///
/// Validates the value /// Validates the value
/// ///
virtual bool Validate(wxWindow *parent); virtual bool Validate(wxWindow *parent);
/// ///
/// Transfers the value to the window /// Transfers the value to the window
/// ///
virtual bool TransferToWindow(); virtual bool TransferToWindow();
/// ///
/// Transfers the value from the window /// Transfers the value from the window
/// ///
virtual bool TransferFromWindow(); virtual bool TransferFromWindow();
/// ///
/// Parses FQDN list value /// Parses FQDN list value
/// ///
static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::list<std::string> *val_out = NULL); static bool Parse(const wxString &val_in, size_t i_start, size_t i_end, wxTextCtrl *ctrl, wxWindow *parent, std::list<std::wstring> *val_out = NULL);
protected: protected:
std::list<std::string> *m_val; ///< Pointer to variable to receive control's parsed value std::list<std::wstring> *m_val; ///< Pointer to variable to receive control's parsed value
}; };
class wxTLSCredentialsPanel : public wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase> class wxTLSCredentialsPanel : public wxEAPCredentialsPanelBase<eap::credentials_tls, wxTLSCredentialsPanelBase>
{ {
public: public:
/// ///
/// Constructs a configuration panel /// Constructs a configuration panel
/// ///
/// \param[in] prov Provider configuration data /// \param[in] prov Provider configuration data
/// \param[in] cfg Configuration data /// \param[in] cfg Configuration data
/// \param[inout] cred Credentials data /// \param[inout] cred Credentials data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name. /// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window /// \param[in] parent Parent window
/// \param[in] is_config Is this panel used to pre-enter credentials? When \c true, the "Remember" checkbox is always selected and disabled. /// \param[in] is_config Is this panel used to pre-enter credentials? When \c true, the "Remember" checkbox is always selected and disabled.
/// ///
wxTLSCredentialsPanel(const eap::config_provider &prov, const eap::config_method_with_cred &cfg, eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false); wxTLSCredentialsPanel(const eap::config_provider &prov, const eap::config_method_with_cred &cfg, eap::credentials_tls &cred, LPCTSTR pszCredTarget, wxWindow* parent, bool is_config = false);
protected: protected:
/// \cond internal /// \cond internal
virtual bool TransferDataToWindow(); virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow(); virtual bool TransferDataFromWindow();
virtual void OnUpdateUI(wxUpdateUIEvent& event); virtual void OnUpdateUI(wxUpdateUIEvent& event);
/// \endcond /// \endcond
protected: protected:
winstd::library m_shell32; ///< shell32.dll resource library reference winstd::library m_shell32; ///< shell32.dll resource library reference
wxIcon m_icon; ///< Panel icon wxIcon m_icon; ///< Panel icon
}; };
class wxTLSServerTrustPanel : public wxEAPTLSServerTrustConfigPanelBase class wxTLSServerTrustPanel : public wxEAPTLSServerTrustConfigPanelBase
{ {
public: public:
/// ///
/// Constructs a configuration panel /// Constructs a configuration panel
/// ///
wxTLSServerTrustPanel(const eap::config_provider &prov, eap::config_method_tls &cfg, wxWindow* parent); wxTLSServerTrustPanel(const eap::config_provider &prov, eap::config_method_tls &cfg, wxWindow* parent);
protected: protected:
/// \cond internal /// \cond internal
virtual bool TransferDataToWindow(); virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow(); virtual bool TransferDataFromWindow();
virtual void OnUpdateUI(wxUpdateUIEvent& event); virtual void OnUpdateUI(wxUpdateUIEvent& event);
virtual void OnRootCADClick(wxCommandEvent& event); virtual void OnRootCADClick(wxCommandEvent& event);
virtual void OnRootCAAddStore(wxCommandEvent& event); virtual void OnRootCAAddStore(wxCommandEvent& event);
virtual void OnRootCAAddFile(wxCommandEvent& event); virtual void OnRootCAAddFile(wxCommandEvent& event);
virtual void OnRootCARemove(wxCommandEvent& event); virtual void OnRootCARemove(wxCommandEvent& event);
/// \endcond /// \endcond
/// ///
/// Adds a certificate to the list of trusted root CA list /// Adds a certificate to the list of trusted root CA list
/// ///
/// \param[in] cert Certificate /// \param[in] cert Certificate
/// ///
/// \returns /// \returns
/// - \c true if certificate was added; /// - \c true if certificate was added;
/// - \c false if duplicate found or an error occured. /// - \c false if duplicate found or an error occured.
/// ///
bool AddRootCA(PCCERT_CONTEXT cert); bool AddRootCA(PCCERT_CONTEXT cert);
protected: protected:
const eap::config_provider &m_prov; ///< EAP provider const eap::config_provider &m_prov; ///< EAP provider
eap::config_method_tls &m_cfg; ///< TLS configuration eap::config_method_tls &m_cfg; ///< TLS configuration
winstd::library m_certmgr; ///< certmgr.dll resource library reference winstd::library m_certmgr; ///< certmgr.dll resource library reference
wxIcon m_icon; ///< Panel icon wxIcon m_icon; ///< Panel icon
std::list<std::string> m_server_names_val; ///< Acceptable authenticating server names std::list<std::wstring> m_server_names_val; ///< Acceptable authenticating server names
}; };
class wxTLSConfigPanel : public wxPanel class wxTLSConfigPanel : public wxPanel
{ {
public: public:
/// ///
/// Constructs a configuration panel /// Constructs a configuration panel
/// ///
wxTLSConfigPanel(const eap::config_provider &prov, eap::config_method_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent); wxTLSConfigPanel(const eap::config_provider &prov, eap::config_method_tls &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
/// ///
/// Destructs the configuration panel /// Destructs the configuration panel
/// ///
virtual ~wxTLSConfigPanel(); virtual ~wxTLSConfigPanel();
protected: protected:
/// \cond internal /// \cond internal
virtual void OnInitDialog(wxInitDialogEvent& event); virtual void OnInitDialog(wxInitDialogEvent& event);
virtual bool TransferDataFromWindow(); virtual bool TransferDataFromWindow();
/// \endcond /// \endcond
protected: protected:
const eap::config_provider &m_prov; ///< EAP provider const eap::config_provider &m_prov; ///< EAP provider
eap::config_method_tls &m_cfg; ///< TLS configuration eap::config_method_tls &m_cfg; ///< TLS configuration
wxTLSServerTrustPanel *m_server_trust; ///< Server trust configuration panel wxTLSServerTrustPanel *m_server_trust; ///< Server trust configuration panel
wxTLSCredentialsConfigPanel *m_credentials; ///< Credentials configuration panel wxTLSCredentialsConfigPanel *m_credentials; ///< Credentials configuration panel
}; };

364
lib/TLS_UI/res/wxTLS_UI.cpp
View File

@@ -1,182 +1,182 @@
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
// C++ code generated with wxFormBuilder (version Jun 17 2015) // C++ code generated with wxFormBuilder (version Jun 17 2015)
// http://www.wxformbuilder.org/ // http://www.wxformbuilder.org/
// //
// PLEASE DO "NOT" EDIT THIS FILE! // PLEASE DO "NOT" EDIT THIS FILE!
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
#include <StdAfx.h> #include <StdAfx.h>
#include "wxTLS_UI.h" #include "wxTLS_UI.h"
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{ {
wxStaticBoxSizer* sb_server_trust; wxStaticBoxSizer* sb_server_trust;
sb_server_trust = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Server Trust") ), wxVERTICAL ); sb_server_trust = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Server Trust") ), wxVERTICAL );
wxBoxSizer* sb_server_trust_horiz; wxBoxSizer* sb_server_trust_horiz;
sb_server_trust_horiz = new wxBoxSizer( wxHORIZONTAL ); sb_server_trust_horiz = new wxBoxSizer( wxHORIZONTAL );
m_server_trust_icon = new wxStaticBitmap( sb_server_trust->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 ); m_server_trust_icon = new wxStaticBitmap( sb_server_trust->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 );
sb_server_trust_horiz->Add( m_server_trust_icon, 0, wxALL, 5 ); sb_server_trust_horiz->Add( m_server_trust_icon, 0, wxALL, 5 );
wxBoxSizer* sb_server_trust_vert; wxBoxSizer* sb_server_trust_vert;
sb_server_trust_vert = new wxBoxSizer( wxVERTICAL ); sb_server_trust_vert = new wxBoxSizer( wxVERTICAL );
m_server_trust_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Describe the servers you trust to prevent credential interception in case of man-in-the-middle attacks."), wxDefaultPosition, wxDefaultSize, 0 ); m_server_trust_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Describe the servers you trust to prevent credential interception in case of man-in-the-middle attacks."), wxDefaultPosition, wxDefaultSize, 0 );
m_server_trust_label->Wrap( 446 ); m_server_trust_label->Wrap( 446 );
sb_server_trust_vert->Add( m_server_trust_label, 0, wxALL|wxEXPAND, 5 ); sb_server_trust_vert->Add( m_server_trust_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_root_ca; wxBoxSizer* sb_root_ca;
sb_root_ca = new wxBoxSizer( wxVERTICAL ); sb_root_ca = new wxBoxSizer( wxVERTICAL );
m_root_ca_lbl = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Acceptable Certificate Authorities:"), wxDefaultPosition, wxDefaultSize, 0 ); m_root_ca_lbl = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Acceptable Certificate Authorities:"), wxDefaultPosition, wxDefaultSize, 0 );
m_root_ca_lbl->Wrap( -1 ); m_root_ca_lbl->Wrap( -1 );
sb_root_ca->Add( m_root_ca_lbl, 0, wxEXPAND|wxBOTTOM, 5 ); sb_root_ca->Add( m_root_ca_lbl, 0, wxEXPAND|wxBOTTOM, 5 );
m_root_ca = new wxListBox( sb_server_trust->GetStaticBox(), wxID_ANY, wxDefaultPosition, wxDefaultSize, 0, NULL, wxLB_SORT ); m_root_ca = new wxListBox( sb_server_trust->GetStaticBox(), wxID_ANY, wxDefaultPosition, wxDefaultSize, 0, NULL, wxLB_SORT );
m_root_ca->SetToolTip( _("List of certificate authorities server's certificate must be issued by") ); m_root_ca->SetToolTip( _("List of certificate authorities server's certificate must be issued by") );
sb_root_ca->Add( m_root_ca, 1, wxEXPAND|wxBOTTOM, 5 ); sb_root_ca->Add( m_root_ca, 1, wxEXPAND|wxBOTTOM, 5 );
wxBoxSizer* sb_root_ca_btn; wxBoxSizer* sb_root_ca_btn;
sb_root_ca_btn = new wxBoxSizer( wxHORIZONTAL ); sb_root_ca_btn = new wxBoxSizer( wxHORIZONTAL );
m_root_ca_add_store = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("Add CA from Store..."), wxDefaultPosition, wxDefaultSize, 0 ); m_root_ca_add_store = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("Add CA from Store..."), wxDefaultPosition, wxDefaultSize, 0 );
m_root_ca_add_store->SetToolTip( _("Adds a new certificate authority from the certificate store to the list") ); m_root_ca_add_store->SetToolTip( _("Adds a new certificate authority from the certificate store to the list") );
sb_root_ca_btn->Add( m_root_ca_add_store, 0, wxRIGHT, 5 ); sb_root_ca_btn->Add( m_root_ca_add_store, 0, wxRIGHT, 5 );
m_root_ca_add_file = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("Add CA from File..."), wxDefaultPosition, wxDefaultSize, 0 ); m_root_ca_add_file = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("Add CA from File..."), wxDefaultPosition, wxDefaultSize, 0 );
m_root_ca_add_file->SetToolTip( _("Adds a new certificate authority from the file to the list") ); m_root_ca_add_file->SetToolTip( _("Adds a new certificate authority from the file to the list") );
sb_root_ca_btn->Add( m_root_ca_add_file, 0, wxRIGHT|wxLEFT, 5 ); sb_root_ca_btn->Add( m_root_ca_add_file, 0, wxRIGHT|wxLEFT, 5 );
m_root_ca_remove = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("&Remove CA"), wxDefaultPosition, wxDefaultSize, 0 ); m_root_ca_remove = new wxButton( sb_server_trust->GetStaticBox(), wxID_ANY, _("&Remove CA"), wxDefaultPosition, wxDefaultSize, 0 );
m_root_ca_remove->Enable( false ); m_root_ca_remove->Enable( false );
m_root_ca_remove->SetToolTip( _("Removes selected certificate authorities from the list") ); m_root_ca_remove->SetToolTip( _("Removes selected certificate authorities from the list") );
sb_root_ca_btn->Add( m_root_ca_remove, 0, wxLEFT, 5 ); sb_root_ca_btn->Add( m_root_ca_remove, 0, wxLEFT, 5 );
sb_root_ca->Add( sb_root_ca_btn, 0, wxALIGN_RIGHT, 5 ); sb_root_ca->Add( sb_root_ca_btn, 0, wxALIGN_RIGHT, 5 );
sb_server_trust_vert->Add( sb_root_ca, 1, wxEXPAND|wxALL, 5 ); sb_server_trust_vert->Add( sb_root_ca, 1, wxEXPAND|wxALL, 5 );
wxBoxSizer* sb_server_names; wxBoxSizer* sb_server_names;
sb_server_names = new wxBoxSizer( wxVERTICAL ); sb_server_names = new wxBoxSizer( wxVERTICAL );
m_server_names_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Acceptable server &names:"), wxDefaultPosition, wxDefaultSize, 0 ); m_server_names_label = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("Acceptable server &names:"), wxDefaultPosition, wxDefaultSize, 0 );
m_server_names_label->Wrap( -1 ); m_server_names_label->Wrap( -1 );
sb_server_names->Add( m_server_names_label, 0, wxBOTTOM, 5 ); sb_server_names->Add( m_server_names_label, 0, wxBOTTOM, 5 );
m_server_names = new wxTextCtrl( sb_server_trust->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); m_server_names = new wxTextCtrl( sb_server_trust->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 );
m_server_names->SetToolTip( _("A semicolon delimited list of acceptable server FQDN names; blank to skip name check; \"*\" wildchar allowed") ); m_server_names->SetToolTip( _("A semicolon delimited list of acceptable server FQDN names; blank to skip name check; Unicode characters allowed") );
sb_server_names->Add( m_server_names, 0, wxEXPAND|wxBOTTOM, 5 ); sb_server_names->Add( m_server_names, 0, wxEXPAND|wxBOTTOM, 5 );
m_server_names_note = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("(Example: foo.bar.com;*.domain.org)"), wxDefaultPosition, wxDefaultSize, 0 ); m_server_names_note = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("(Example: foo.bar.com;server2.bar.com)"), wxDefaultPosition, wxDefaultSize, 0 );
m_server_names_note->Wrap( -1 ); m_server_names_note->Wrap( -1 );
sb_server_names->Add( m_server_names_note, 0, wxALIGN_RIGHT, 5 ); sb_server_names->Add( m_server_names_note, 0, wxALIGN_RIGHT, 5 );
sb_server_trust_vert->Add( sb_server_names, 0, wxEXPAND|wxALL, 5 ); sb_server_trust_vert->Add( sb_server_names, 0, wxEXPAND|wxALL, 5 );
sb_server_trust_horiz->Add( sb_server_trust_vert, 1, wxEXPAND, 5 ); sb_server_trust_horiz->Add( sb_server_trust_vert, 1, wxEXPAND, 5 );
sb_server_trust->Add( sb_server_trust_horiz, 1, wxEXPAND, 5 ); sb_server_trust->Add( sb_server_trust_horiz, 1, wxEXPAND, 5 );
this->SetSizer( sb_server_trust ); this->SetSizer( sb_server_trust );
this->Layout(); this->Layout();
// Connect Events // Connect Events
this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) ); this->Connect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) );
m_root_ca->Connect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this ); m_root_ca->Connect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this );
m_root_ca_add_store->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this ); m_root_ca_add_store->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this );
m_root_ca_add_file->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this ); m_root_ca_add_file->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this );
m_root_ca_remove->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCARemove ), NULL, this ); m_root_ca_remove->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCARemove ), NULL, this );
} }
wxEAPTLSServerTrustConfigPanelBase::~wxEAPTLSServerTrustConfigPanelBase() wxEAPTLSServerTrustConfigPanelBase::~wxEAPTLSServerTrustConfigPanelBase()
{ {
// Disconnect Events // Disconnect Events
this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) ); this->Disconnect( wxEVT_UPDATE_UI, wxUpdateUIEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnUpdateUI ) );
m_root_ca->Disconnect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this ); m_root_ca->Disconnect( wxEVT_COMMAND_LISTBOX_DOUBLECLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCADClick ), NULL, this );
m_root_ca_add_store->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this ); m_root_ca_add_store->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddStore ), NULL, this );
m_root_ca_add_file->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this ); m_root_ca_add_file->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCAAddFile ), NULL, this );
m_root_ca_remove->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCARemove ), NULL, this ); m_root_ca_remove->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( wxEAPTLSServerTrustConfigPanelBase::OnRootCARemove ), NULL, this );
} }
wxTLSCredentialsPanelBase::wxTLSCredentialsPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) wxTLSCredentialsPanelBase::wxTLSCredentialsPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style )
{ {
wxStaticBoxSizer* sb_credentials; wxStaticBoxSizer* sb_credentials;
sb_credentials = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("TLS Client Certificate") ), wxVERTICAL ); sb_credentials = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("TLS Client Certificate") ), wxVERTICAL );
wxBoxSizer* sb_credentials_horiz; wxBoxSizer* sb_credentials_horiz;
sb_credentials_horiz = new wxBoxSizer( wxHORIZONTAL ); sb_credentials_horiz = new wxBoxSizer( wxHORIZONTAL );
m_credentials_icon = new wxStaticBitmap( sb_credentials->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 ); m_credentials_icon = new wxStaticBitmap( sb_credentials->GetStaticBox(), wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 );
sb_credentials_horiz->Add( m_credentials_icon, 0, wxALL, 5 ); sb_credentials_horiz->Add( m_credentials_icon, 0, wxALL, 5 );
wxBoxSizer* sb_credentials_vert; wxBoxSizer* sb_credentials_vert;
sb_credentials_vert = new wxBoxSizer( wxVERTICAL ); sb_credentials_vert = new wxBoxSizer( wxVERTICAL );
m_credentials_label = new wxStaticText( sb_credentials->GetStaticBox(), wxID_ANY, _("Please select your client certificate to use for authentication."), wxDefaultPosition, wxDefaultSize, 0 ); m_credentials_label = new wxStaticText( sb_credentials->GetStaticBox(), wxID_ANY, _("Please select your client certificate to use for authentication."), wxDefaultPosition, wxDefaultSize, 0 );
m_credentials_label->Wrap( 446 ); m_credentials_label->Wrap( 446 );
sb_credentials_vert->Add( m_credentials_label, 0, wxALL|wxEXPAND, 5 ); sb_credentials_vert->Add( m_credentials_label, 0, wxALL|wxEXPAND, 5 );
wxBoxSizer* sb_cert_radio; wxBoxSizer* sb_cert_radio;
sb_cert_radio = new wxBoxSizer( wxVERTICAL ); sb_cert_radio = new wxBoxSizer( wxVERTICAL );
m_cert_none = new wxRadioButton( sb_credentials->GetStaticBox(), wxID_ANY, _("Co&nnect without providing a client certificate"), wxDefaultPosition, wxDefaultSize, wxRB_GROUP ); m_cert_none = new wxRadioButton( sb_credentials->GetStaticBox(), wxID_ANY, _("Co&nnect without providing a client certificate"), wxDefaultPosition, wxDefaultSize, wxRB_GROUP );
m_cert_none->SetToolTip( _("Select if your server does not require you to provide a client certificate") ); m_cert_none->SetToolTip( _("Select if your server does not require you to provide a client certificate") );
sb_cert_radio->Add( m_cert_none, 1, wxEXPAND, 5 ); sb_cert_radio->Add( m_cert_none, 1, wxEXPAND, 5 );
wxBoxSizer* sb_cert_select; wxBoxSizer* sb_cert_select;
sb_cert_select = new wxBoxSizer( wxHORIZONTAL ); sb_cert_select = new wxBoxSizer( wxHORIZONTAL );
m_cert_select = new wxRadioButton( sb_credentials->GetStaticBox(), wxID_ANY, _("Use the following &certificate:"), wxDefaultPosition, wxDefaultSize, 0 ); m_cert_select = new wxRadioButton( sb_credentials->GetStaticBox(), wxID_ANY, _("Use the following &certificate:"), wxDefaultPosition, wxDefaultSize, 0 );
m_cert_select->SetToolTip( _("Select if you need to provide a client certificate when connecting") ); m_cert_select->SetToolTip( _("Select if you need to provide a client certificate when connecting") );
sb_cert_select->Add( m_cert_select, 0, wxEXPAND, 5 ); sb_cert_select->Add( m_cert_select, 0, wxEXPAND, 5 );
wxArrayString m_cert_select_valChoices; wxArrayString m_cert_select_valChoices;
m_cert_select_val = new wxChoice( sb_credentials->GetStaticBox(), wxID_ANY, wxDefaultPosition, wxDefaultSize, m_cert_select_valChoices, wxCB_SORT ); m_cert_select_val = new wxChoice( sb_credentials->GetStaticBox(), wxID_ANY, wxDefaultPosition, wxDefaultSize, m_cert_select_valChoices, wxCB_SORT );
m_cert_select_val->SetSelection( 0 ); m_cert_select_val->SetSelection( 0 );
m_cert_select_val->SetToolTip( _("Client certificate to use for authentication") ); m_cert_select_val->SetToolTip( _("Client certificate to use for authentication") );
sb_cert_select->Add( m_cert_select_val, 1, wxEXPAND, 5 ); sb_cert_select->Add( m_cert_select_val, 1, wxEXPAND, 5 );
sb_cert_radio->Add( sb_cert_select, 1, wxEXPAND, 5 ); sb_cert_radio->Add( sb_cert_select, 1, wxEXPAND, 5 );
sb_credentials_vert->Add( sb_cert_radio, 0, wxEXPAND|wxALL, 5 ); sb_credentials_vert->Add( sb_cert_radio, 0, wxEXPAND|wxALL, 5 );
m_remember = new wxCheckBox( sb_credentials->GetStaticBox(), wxID_ANY, _("&Remember"), wxDefaultPosition, wxDefaultSize, 0 ); m_remember = new wxCheckBox( sb_credentials->GetStaticBox(), wxID_ANY, _("&Remember"), wxDefaultPosition, wxDefaultSize, 0 );
m_remember->SetHelpText( _("Check if you would like to save certificate selection") ); m_remember->SetHelpText( _("Check if you would like to save certificate selection") );
sb_credentials_vert->Add( m_remember, 0, wxALL|wxEXPAND, 5 ); sb_credentials_vert->Add( m_remember, 0, wxALL|wxEXPAND, 5 );
sb_credentials_horiz->Add( sb_credentials_vert, 1, wxEXPAND, 5 ); sb_credentials_horiz->Add( sb_credentials_vert, 1, wxEXPAND, 5 );
sb_credentials->Add( sb_credentials_horiz, 0, wxEXPAND, 5 ); sb_credentials->Add( sb_credentials_horiz, 0, wxEXPAND, 5 );
this->SetSizer( sb_credentials ); this->SetSizer( sb_credentials );
this->Layout(); this->Layout();
} }
wxTLSCredentialsPanelBase::~wxTLSCredentialsPanelBase() wxTLSCredentialsPanelBase::~wxTLSCredentialsPanelBase()
{ {
} }

3250
lib/TLS_UI/res/wxTLS_UI.fbp
View File

File diff suppressed because it is too large Load Diff

1245
lib/TLS_UI/src/TLS_UI.cpp
View File

File diff suppressed because it is too large Load Diff

3
lib/TTLS/include/Credentials.h
View File

@@ -32,6 +32,7 @@ namespace eap
#include "../../PAP/include/Credentials.h" #include "../../PAP/include/Credentials.h"
#include <memory> #include <memory>
#include <utility>
namespace eap namespace eap
@@ -187,7 +188,7 @@ namespace eap
/// - \c true if credentials were set; /// - \c true if credentials were set;
/// - \c false otherwise /// - \c false otherwise
/// ///
bool combine( std::pair<source_t, source_t> combine(
_In_ const credentials_ttls *cred_cached, _In_ const credentials_ttls *cred_cached,
_In_ const config_method_ttls &cfg, _In_ const config_method_ttls &cfg,
_In_opt_z_ LPCTSTR pszTargetName); _In_opt_z_ LPCTSTR pszTargetName);

11
lib/TTLS/src/Credentials.cpp
View File

@@ -226,15 +226,12 @@ std::wstring eap::credentials_ttls::get_identity() const
} }
bool eap::credentials_ttls::combine( pair<eap::credentials::source_t, eap::credentials::source_t> eap::credentials_ttls::combine(
_In_ const credentials_ttls *cred_cached, _In_ const credentials_ttls *cred_cached,
_In_ const config_method_ttls &cfg, _In_ const config_method_ttls &cfg,
_In_opt_z_ LPCTSTR pszTargetName) _In_opt_z_ LPCTSTR pszTargetName)
{ {
bool return pair<source_t, source_t>(
is_outer_set = credentials_tls::combine(cred_cached, cfg, pszTargetName), credentials_tls::combine(cred_cached, cfg, pszTargetName),
is_inner_set = dynamic_cast<const credentials_pap*>(m_inner.get()) ? ((credentials_pap*)m_inner.get())->combine(cred_cached ? (credentials_pap*)cred_cached->m_inner.get() : NULL, (const config_method_pap&)*cfg.m_inner, pszTargetName) : source_unknown);
dynamic_cast<const credentials_pap*>(m_inner.get()) ? ((credentials_pap*)m_inner.get())->combine(cred_cached ? (credentials_pap*)cred_cached->m_inner.get() : NULL, (const config_method_pap&)*cfg.m_inner, pszTargetName) : false;
return is_outer_set && is_inner_set;
} }

55
lib/TTLS/src/Method.cpp
View File

@@ -69,27 +69,24 @@ void eap::method_ttls::process_request_packet(
m_module.log_event(&EAPMETHOD_TTLS_HANDSHAKE_START, event_data((unsigned int)eap_type_ttls), event_data((unsigned char)m_version), event_data((unsigned char)ver_remote), event_data::blank); m_module.log_event(&EAPMETHOD_TTLS_HANDSHAKE_START, event_data((unsigned int)eap_type_ttls), event_data((unsigned char)m_version), event_data((unsigned char)ver_remote), event_data::blank);
} }
if (!m_server_finished) { // Do the TLS.
// Do the TLS. method_tls::process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput);
method_tls::process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput);
if (m_server_finished) { if (m_phase == phase_application_data) {
// Piggyback inner authentication. // Send inner authentication.
if (!m_state_client.m_alg_encrypt) if (!m_state_client.m_alg_encrypt)
throw runtime_error(__FUNCTION__ " Refusing to send credentials unencrypted."); throw runtime_error(__FUNCTION__ " Refusing to send credentials unencrypted.");
m_packet_res.m_code = EapCodeResponse; m_module.log_event(&EAPMETHOD_TTLS_INNER_CRED, event_data((unsigned int)eap_type_ttls), event_data(m_cred.m_inner->get_name()), event_data::blank);
m_packet_res.m_id = m_packet_req.m_id;
m_packet_res.m_flags = 0;
sanitizing_blob msg_application(make_message(tls_message_type_application_data, make_pap_client()));
m_packet_res.m_data.assign(msg_application.begin(), msg_application.end());
pEapOutput->fAllowNotifications = FALSE; m_packet_res.m_code = EapCodeResponse;
pEapOutput->action = EapPeerMethodResponseActionSend; m_packet_res.m_id = m_packet_req.m_id;
} m_packet_res.m_flags = 0;
} else { sanitizing_blob msg_application(make_message(tls_message_type_application_data, make_pap_client()));
// Do the TLS. Again. m_packet_res.m_data.insert(m_packet_res.m_data.end(), msg_application.begin(), msg_application.end());
method_tls::process_request_packet(pReceivedPacket, dwReceivedPacketSize, pEapOutput);
pEapOutput->fAllowNotifications = FALSE;
pEapOutput->action = EapPeerMethodResponseActionSend;
} }
} }
@@ -111,20 +108,36 @@ void eap::method_ttls::get_result(
_In_ EapPeerMethodResultReason reason, _In_ EapPeerMethodResultReason reason,
_Inout_ EapPeerMethodResult *ppResult) _Inout_ EapPeerMethodResult *ppResult)
{ {
if (!m_server_finished) { if (m_phase != phase_application_data) {
// Do the TLS. // Do the TLS.
method_tls::get_result(reason, ppResult); method_tls::get_result(reason, ppResult);
} else { } else {
// The TLS finished, this is inner authentication's bussines.
config_provider &cfg_prov(m_cfg.m_providers.front()); config_provider &cfg_prov(m_cfg.m_providers.front());
config_method_ttls *cfg_method = dynamic_cast<config_method_ttls*>(cfg_prov.m_methods.front().get()); config_method_ttls *cfg_method = dynamic_cast<config_method_ttls*>(cfg_prov.m_methods.front().get());
assert(cfg_method); assert(cfg_method);
// Mark credentials appropriately, so GUI can re-prompt user. switch (reason) {
cfg_method->m_inner->m_cred_failed = reason == EapPeerMethodResultFailure; case EapPeerMethodResultSuccess: {
m_module.log_event(&EAPMETHOD_TTLS_INNER_SUCCESS, event_data((unsigned int)eap_type_ttls), event_data::blank);
cfg_method->m_inner->m_auth_failed = false;
break;
}
case EapPeerMethodResultFailure:
m_module.log_event(&EAPMETHOD_TTLS_INNER_FAILURE, event_data((unsigned int)eap_type_ttls), event_data::blank);
cfg_method->m_inner->m_auth_failed = true;
break;
default:
throw win_runtime_error(ERROR_NOT_SUPPORTED, __FUNCTION__ " Not supported.");
}
// The TLS was OK. // The TLS was OK.
method_tls::get_result(EapPeerMethodResultSuccess, ppResult); method_tls::get_result(EapPeerMethodResultSuccess, ppResult);
// Do not report failure to EAPHost, as it will not save updated configuration then. But we need it to save it, to alert user on next connection attempt.
// EAPHost is well aware of the failed condition.
//if (reason == EapPeerMethodResultFailure) { //if (reason == EapPeerMethodResultFailure) {
// ppResult->fIsSuccess = FALSE; // ppResult->fIsSuccess = FALSE;
// ppResult->dwFailureReasonCode = EAP_E_AUTHENTICATION_FAILED; // ppResult->dwFailureReasonCode = EAP_E_AUTHENTICATION_FAILED;

11
lib/TTLS/src/Module.cpp
View File

@@ -109,14 +109,17 @@ void eap::peer_ttls::get_identity(
{ {
// Combine credentials. // Combine credentials.
user_impersonator impersonating(hTokenImpersonateUser); user_impersonator impersonating(hTokenImpersonateUser);
*pfInvokeUI = cred_out.combine( pair<eap::credentials::source_t, eap::credentials::source_t> cred_source(cred_out.combine(
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE #ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
&cred_in, &cred_in,
#else #else
NULL, NULL,
#endif #endif
*cfg_method, *cfg_method,
(dwFlags & EAP_FLAG_GUEST_ACCESS) == 0 ? cfg_prov.m_id.c_str() : NULL) ? FALSE : TRUE; (dwFlags & EAP_FLAG_GUEST_ACCESS) == 0 ? cfg_prov.m_id.c_str() : NULL));
// If either of credentials is unknown, request UI.
*pfInvokeUI = cred_source.first == eap::credentials::source_unknown || cred_source.second == eap::credentials::source_unknown ? TRUE : FALSE;
} }
if (*pfInvokeUI) { if (*pfInvokeUI) {
@@ -132,14 +135,14 @@ void eap::peer_ttls::get_identity(
// If we got here, we have all credentials we need. But, wait! // If we got here, we have all credentials we need. But, wait!
if (cfg_method->m_cred_failed) { if (cfg_method->m_auth_failed) {
// Outer TLS: Credentials failed on last connection attempt. // Outer TLS: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM, event_data((unsigned int)eap_type_tls), event_data::blank); log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM, event_data((unsigned int)eap_type_tls), event_data::blank);
*pfInvokeUI = TRUE; *pfInvokeUI = TRUE;
return; return;
} }
if (cfg_method->m_inner->m_cred_failed) { if (cfg_method->m_inner->m_auth_failed) {
// Inner: Credentials failed on last connection attempt. // Inner: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM, event_data((unsigned int)type_inner), event_data::blank); log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM, event_data((unsigned int)type_inner), event_data::blank);
*pfInvokeUI = TRUE; *pfInvokeUI = TRUE;

13
lib/TTLS_UI/include/TTLS_UI.h
View File

@@ -45,7 +45,6 @@ class wxTTLSCredentialsPanel;
#include <wx/choicebk.h> #include <wx/choicebk.h>
#include <wx/icon.h> #include <wx/icon.h>
#include <wx/scrolwin.h>
#include <wx/stattext.h> #include <wx/stattext.h>
#include <Windows.h> #include <Windows.h>
@@ -74,32 +73,28 @@ protected:
}; };
class wxTTLSConfigWindow : public wxScrolledWindow class wxTTLSConfigWindow : public wxEAPConfigWindow
{ {
public: public:
/// ///
/// Constructs a configuration panel /// Constructs a configuration panel
/// ///
/// \param[in] prov Provider configuration data
/// \param[inout] cfg Configuration data /// \param[inout] cfg Configuration data
/// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name. /// \param[in] pszCredTarget Target name of credentials in Windows Credential Manager. Can be further decorated to create final target name.
/// \param[in] parent Parent window /// \param[in] parent Parent window
/// ///
wxTTLSConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, LPCTSTR pszCredTarget, wxWindow* parent); wxTTLSConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, LPCTSTR pszCredTarget, wxWindow* parent);
///
/// Destructs the configuration panel
///
virtual ~wxTTLSConfigWindow();
protected: protected:
/// \cond internal /// \cond internal
virtual bool TransferDataToWindow(); virtual bool TransferDataToWindow();
virtual bool TransferDataFromWindow(); virtual bool TransferDataFromWindow();
virtual void OnInitDialog(wxInitDialogEvent& event); virtual void OnInitDialog(wxInitDialogEvent& event);
virtual void OnUpdateUI(wxUpdateUIEvent& event);
/// \endcond /// \endcond
protected: protected:
const eap::config_provider &m_prov; ///< EAP provider
eap::config_method_ttls &m_cfg; ///< TTLS configuration eap::config_method_ttls &m_cfg; ///< TTLS configuration
wxStaticText *m_outer_title; ///< Outer authentication title wxStaticText *m_outer_title; ///< Outer authentication title
wxTTLSConfigPanel *m_outer_identity; ///< Outer identity configuration panel wxTTLSConfigPanel *m_outer_identity; ///< Outer identity configuration panel
@@ -108,7 +103,7 @@ protected:
wxChoicebook *m_inner_type; ///< Inner authentication type wxChoicebook *m_inner_type; ///< Inner authentication type
// Temporary inner method configurations to hold data until applied // Temporary inner method configurations to hold data until applied
eap::config_method_pap m_cfg_pap; ///< PAP configuration eap::config_method_pap m_cfg_pap; ///< PAP configuration
}; };

37
lib/TTLS_UI/src/Module.cpp
View File

@@ -83,8 +83,26 @@ void eap::peer_ttls_ui::invoke_config_ui(
{ {
// Unpack configuration. // Unpack configuration.
config_provider_list cfg(*this); config_provider_list cfg(*this);
if (dwConnectionDataInSize) if (dwConnectionDataInSize) {
// Load existing configuration.
unpack(cfg, pConnectionDataIn, dwConnectionDataInSize); unpack(cfg, pConnectionDataIn, dwConnectionDataInSize);
} else {
// This is a blank network profile. Create default configuraton.
// Start with PAP inner configuration.
unique_ptr<config_method_ttls> cfg_method(new config_method_ttls(*this));
cfg_method->m_inner.reset(new config_method_pap(*this));
cfg_method->m_anonymous_identity = L"@";
cfg_method->m_use_preshared = true;
cfg_method->m_preshared.reset(new credentials_tls(*this));
// Start with one method.
config_provider cfg_provider(*this);
cfg_provider.m_methods.push_back(std::move(cfg_method));
// Start with one provider.
cfg.m_providers.push_back(std::move(cfg_provider));
}
// Initialize application. // Initialize application.
new wxApp(); new wxApp();
@@ -163,14 +181,14 @@ void eap::peer_ttls_ui::invoke_identity_ui(
} }
// Combine credentials. // Combine credentials.
cred_out.combine( pair<eap::credentials::source_t, eap::credentials::source_t> cred_source(cred_out.combine(
#ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE #ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE
&cred_in, &cred_in,
#else #else
NULL, NULL,
#endif #endif
*cfg_method, *cfg_method,
(dwFlags & EAP_FLAG_GUEST_ACCESS) == 0 ? cfg_prov.m_id.c_str() : NULL); (dwFlags & EAP_FLAG_GUEST_ACCESS) == 0 ? cfg_prov.m_id.c_str() : NULL));
if (dwFlags & EAP_FLAG_GUEST_ACCESS) { if (dwFlags & EAP_FLAG_GUEST_ACCESS) {
// Disable credential saving for guests. // Disable credential saving for guests.
@@ -190,10 +208,18 @@ void eap::peer_ttls_ui::invoke_identity_ui(
parent.AdoptAttributesFromHWND(); parent.AdoptAttributesFromHWND();
wxTopLevelWindows.Append(&parent); wxTopLevelWindows.Append(&parent);
// Create and launch credentials dialog. // Create credentials dialog.
wxEAPCredentialsDialog dlg(cfg_prov, &parent); wxEAPCredentialsDialog dlg(cfg_prov, &parent);
wxTTLSCredentialsPanel *panel = new wxTTLSCredentialsPanel(cfg_prov, *cfg_method, cred_out, cfg_prov.m_id.c_str(), &dlg); wxTTLSCredentialsPanel *panel = new wxTTLSCredentialsPanel(cfg_prov, *cfg_method, cred_out, cfg_prov.m_id.c_str(), &dlg);
dlg.AddContents((wxPanel**)&panel, 1); dlg.AddContent(panel);
// Set "Remember" checkboxes according to credential source,
panel->m_outer_cred->SetRememberValue(cred_source.first == eap::credentials::source_storage);
wxPAPCredentialsPanel *panel_inner_cred_pap = dynamic_cast<wxPAPCredentialsPanel*>(panel->m_inner_cred);
if (panel_inner_cred_pap)
panel_inner_cred_pap->SetRememberValue(cred_source.second == eap::credentials::source_storage);
// Centre and display dialog.
dlg.Centre(wxBOTH); dlg.Centre(wxBOTH);
result = dlg.ShowModal(); result = dlg.ShowModal();
if (result == wxID_OK) { if (result == wxID_OK) {
@@ -208,7 +234,6 @@ void eap::peer_ttls_ui::invoke_identity_ui(
} }
} }
wxPAPCredentialsPanel *panel_inner_cred_pap = dynamic_cast<wxPAPCredentialsPanel*>(panel->m_inner_cred);
if (panel_inner_cred_pap && panel_inner_cred_pap->GetRememberValue()) { if (panel_inner_cred_pap && panel_inner_cred_pap->GetRememberValue()) {
try { try {
cred_out.m_inner->store(cfg_prov.m_id.c_str()); cred_out.m_inner->store(cfg_prov.m_id.c_str());

59
lib/TTLS_UI/src/TTLS_UI.cpp
View File

@@ -38,14 +38,6 @@ wxTTLSConfigPanel::wxTTLSConfigPanel(const eap::config_provider &prov, eap::conf
bool wxTTLSConfigPanel::TransferDataToWindow() bool wxTTLSConfigPanel::TransferDataToWindow()
{ {
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_outer_identity_same ->Enable(false);
m_outer_identity_empty ->Enable(false);
m_outer_identity_custom ->Enable(false);
m_outer_identity_custom_val->Enable(false);
}
// Populate identity controls. // Populate identity controls.
if (m_cfg.m_anonymous_identity.empty()) { if (m_cfg.m_anonymous_identity.empty()) {
m_outer_identity_same->SetValue(true); m_outer_identity_same->SetValue(true);
@@ -82,8 +74,17 @@ void wxTTLSConfigPanel::OnUpdateUI(wxUpdateUIEvent& event)
{ {
UNREFERENCED_PARAMETER(event); UNREFERENCED_PARAMETER(event);
if (!m_prov.m_read_only) { if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_outer_identity_same ->Enable(false);
m_outer_identity_empty ->Enable(false);
m_outer_identity_custom ->Enable(false);
m_outer_identity_custom_val->Enable(false);
} else {
// This is not a provider-locked configuration. Selectively enable/disable controls. // This is not a provider-locked configuration. Selectively enable/disable controls.
m_outer_identity_same ->Enable(true);
m_outer_identity_empty ->Enable(true);
m_outer_identity_custom ->Enable(true);
m_outer_identity_custom_val->Enable(m_outer_identity_custom->GetValue()); m_outer_identity_custom_val->Enable(m_outer_identity_custom->GetValue());
} }
} }
@@ -94,10 +95,9 @@ void wxTTLSConfigPanel::OnUpdateUI(wxUpdateUIEvent& event)
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
wxTTLSConfigWindow::wxTTLSConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, LPCTSTR pszCredTarget, wxWindow* parent) : wxTTLSConfigWindow::wxTTLSConfigWindow(const eap::config_provider &prov, eap::config_method &cfg, LPCTSTR pszCredTarget, wxWindow* parent) :
m_prov(prov),
m_cfg((eap::config_method_ttls&)cfg), m_cfg((eap::config_method_ttls&)cfg),
m_cfg_pap(cfg.m_module), m_cfg_pap(cfg.m_module),
wxScrolledWindow(parent, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxVSCROLL) wxEAPConfigWindow(prov, cfg, parent)
{ {
wxBoxSizer* sb_content; wxBoxSizer* sb_content;
sb_content = new wxBoxSizer( wxVERTICAL ); sb_content = new wxBoxSizer( wxVERTICAL );
@@ -112,7 +112,8 @@ wxTTLSConfigWindow::wxTTLSConfigWindow(const eap::config_provider &prov, eap::co
m_inner_type = new wxChoicebook(this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxCHB_DEFAULT); m_inner_type = new wxChoicebook(this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxCHB_DEFAULT);
m_inner_type->SetToolTip( _("Select inner authentication method from the list") ); m_inner_type->SetToolTip( _("Select inner authentication method from the list") );
m_inner_type->AddPage(new wxPAPConfigPanel(m_prov, m_cfg_pap, pszCredTarget, m_inner_type), _("PAP")); wxPAPConfigPanel *panel_pap = new wxPAPConfigPanel(m_prov, m_cfg_pap, pszCredTarget, m_inner_type);
m_inner_type->AddPage(panel_pap, _("PAP"));
sb_content->Add(m_inner_type, 0, wxALL|wxEXPAND, 5); sb_content->Add(m_inner_type, 0, wxALL|wxEXPAND, 5);
sb_content->Add(20, 20, 1, wxALL|wxEXPAND, 5); sb_content->Add(20, 20, 1, wxALL|wxEXPAND, 5);
@@ -135,32 +136,17 @@ wxTTLSConfigWindow::wxTTLSConfigWindow(const eap::config_provider &prov, eap::co
size.y = 500; size.y = 500;
} }
this->SetMinSize(size); this->SetMinSize(size);
this->SetScrollRate(5, 5);
this->SetSizer(sb_content); this->SetSizer(sb_content);
this->Layout(); this->Layout();
m_inner_type->SetFocusFromKbd(); // m_inner_type->SetFocusFromKbd(); // This control steals mouse-wheel scrolling for itself
panel_pap->SetFocusFromKbd();
// Connect Events
this->Connect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxTTLSConfigWindow::OnInitDialog));
}
wxTTLSConfigWindow::~wxTTLSConfigWindow()
{
// Disconnect Events
this->Disconnect(wxEVT_INIT_DIALOG, wxInitDialogEventHandler(wxTTLSConfigWindow::OnInitDialog));
} }
bool wxTTLSConfigWindow::TransferDataToWindow() bool wxTTLSConfigWindow::TransferDataToWindow()
{ {
if (m_prov.m_read_only) {
// This is provider-locked configuration. Disable controls.
m_inner_type->GetChoiceCtrl()->Enable(false);
}
eap::config_method_pap *cfg_pap = dynamic_cast<eap::config_method_pap*>(m_cfg.m_inner.get()); eap::config_method_pap *cfg_pap = dynamic_cast<eap::config_method_pap*>(m_cfg.m_inner.get());
if (cfg_pap) { if (cfg_pap) {
m_cfg_pap = *cfg_pap; m_cfg_pap = *cfg_pap;
@@ -196,8 +182,7 @@ bool wxTTLSConfigWindow::TransferDataFromWindow()
void wxTTLSConfigWindow::OnInitDialog(wxInitDialogEvent& event) void wxTTLSConfigWindow::OnInitDialog(wxInitDialogEvent& event)
{ {
// Call TransferDataToWindow() manually, as wxScrolledWindow somehow skips that. wxEAPConfigWindow::OnInitDialog(event);
TransferDataToWindow();
// Forward the event to child panels. // Forward the event to child panels.
m_outer_identity->GetEventHandler()->ProcessEvent(event); m_outer_identity->GetEventHandler()->ProcessEvent(event);
@@ -207,6 +192,14 @@ void wxTTLSConfigWindow::OnInitDialog(wxInitDialogEvent& event)
} }
void wxTTLSConfigWindow::OnUpdateUI(wxUpdateUIEvent& event)
{
wxEAPConfigWindow::OnUpdateUI(event);
m_inner_type->GetChoiceCtrl()->Enable(!m_prov.m_read_only);
}
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// wxTTLSCredentialsPanel // wxTTLSCredentialsPanel
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
@@ -226,7 +219,7 @@ wxTTLSCredentialsPanel::wxTTLSCredentialsPanel(const eap::config_provider &prov,
assert(m_cfg.m_inner); assert(m_cfg.m_inner);
if (m_cfg.m_inner->m_cred_failed) if (m_cfg.m_inner->m_auth_failed)
sb_content->Add(new wxEAPCredentialWarningPanel(m_prov, this), 0, wxALL|wxEXPAND, 5); sb_content->Add(new wxEAPCredentialWarningPanel(m_prov, this), 0, wxALL|wxEXPAND, 5);
const eap::config_method_pap *cfg_inner_pap = dynamic_cast<const eap::config_method_pap*>(m_cfg.m_inner.get()); const eap::config_method_pap *cfg_inner_pap = dynamic_cast<const eap::config_method_pap*>(m_cfg.m_inner.get());
@@ -245,7 +238,7 @@ wxTTLSCredentialsPanel::wxTTLSCredentialsPanel(const eap::config_provider &prov,
m_outer_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INACTIVECAPTION ) ); m_outer_title->SetForegroundColour( wxSystemSettings::GetColour( wxSYS_COLOUR_INACTIVECAPTION ) );
sb_content->Add(m_outer_title, 0, wxALL|wxALIGN_RIGHT, 5); sb_content->Add(m_outer_title, 0, wxALL|wxALIGN_RIGHT, 5);
if (m_cfg.m_cred_failed) if (m_cfg.m_auth_failed)
sb_content->Add(new wxEAPCredentialWarningPanel(m_prov, this), 0, wxALL|wxEXPAND, 5); sb_content->Add(new wxEAPCredentialWarningPanel(m_prov, this), 0, wxALL|wxEXPAND, 5);
m_outer_cred = new wxTLSCredentialsPanel(m_prov, (const eap::config_method_tls&)m_cfg, (eap::credentials_tls&)cred, pszCredTarget, this, is_config); m_outer_cred = new wxTLSCredentialsPanel(m_prov, (const eap::config_method_tls&)m_cfg, (eap::credentials_tls&)cred, pszCredTarget, this, is_config);

2
lib/WinStd

Submodule lib/WinStd updated: 8a0799c2b7...f94b72379e