Compare commits


No commits in common. "master" and "1.3g" have entirely different histories.
master ... 1.3g

25 changed files with 65 additions and 122 deletions


@ -12,7 +12,7 @@
#include <WinStd/Common.h>
#include <WinStd/Win.h>
#include <stdex/base64.hpp>
#include <stdex/base64.h>
#include <Windows.h>
#include <eaptypes.h> // Must include after <Windows.h>


@ -31,7 +31,7 @@ class wxPersistentETWListCtrl;
#include <wx/persist/window.h>
#include <wx/thread.h>
#include <stdex/vector_queue.hpp>
#include <stdex/vector_queue.h>
#include <WinStd/ETW.h>
#include <memory>
@ -155,7 +155,7 @@ protected:
///
/// Functor for GUID comparison
///
struct less_guid
struct less_guid : public std::binary_function<GUID, GUID, bool>
{
///
/// Compares two GUIDs
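Review bot: On the new side `less_guid` derives from `std::binary_function<GUID, GUID, bool>`, which was deprecated in C++11 and removed from the standard in C++17, so this header builds only while the project stays below C++17 or keeps the removed adaptors enabled. Nothing visible in the hunk needs the base class; keep the plain `struct less_guid` and declare any member typedefs that are actually used directly. The struct body continues past the end of the hunk, so the comparison operator itself is not reviewed here.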

@ -1 +1 @@
Subproject commit eccce8c523c9193c1e3a627e4dd8a80cd3cd5703
Subproject commit b8364dea81f39b321d726317a9dcbf6b13a455e0

Binary file not shown.


@ -101,25 +101,14 @@ The product compilation references wxWidgets libraries using `WXWIN` environment
### Digital Signing of Build Outputs
In order to have the build process digitally sign the Release output files, one should setup either:
In order to have the build process digitally sign output files, one should provide the following:
- Local signing:
1. A signing certificate/hardware key
2. The following variables in the environment:
- `ManifestCertificateThumbprint` - set the value to certificates SHA1 thumbprint (hexadecimal, without spaces, e.g. `bc0d8da45f9eeefcbe4e334e1fc262804df88d7e`).
- `ManifestTimestampRFC3161Url` - set the value to URL used to perform timestamp signature (e.g. `http://sha256timestamp.ws.symantec.com/sha256/timestamp`, `http://timestamp.digicert.com` etc.). In order to perform the timestamp signing successfully, the computer running the build should be online and able to access this URL.
1. A signing certificate installed in the current users certificate store.
2. The following variables in the environment:
- `ManifestCertificateThumbprint` - set the value to certificates SHA1 thumbprint (hexadecimal, without spaces, i.e. `bc0d8da45f9eeefcbe4e334e1fc262804df88d7e`).
- `ManifestTimestampRFC3161Url` - set the value to URL used to perform RFC3161 timestamp signature (i.e. `http://sha256timestamp.ws.symantec.com/sha256/timestamp`). In order to perform timestamp signing successfully, the computer running the build should be online and able to access this URL.
- Microsoft Trusted Signing:
1. Install [Trusted Signing dlib package](https://www.nuget.org/packages/Microsoft.Trusted.Signing.Client):
```cmd
nuget install Microsoft.Trusted.Signing.Client -Version 1.0.53 -x`
```
2. Provide a [`manifest.json`](https://learn.microsoft.com/en-us/azure/trusted-signing/how-to-signing-integrations#create-a-json-file) file and place it at `%APPDATA%\Microsoft.Trusted.Signing.Client.json`:
```cmd
notepad "%APPDATA%\Microsoft.Trusted.Signing.Client.json"
```
Debug configurations are not digitally signed by design.
Please note that only Release builds are configured for timestamp signing. Debug configurations do not attempt to timestamp sign the resulting DLL and EXE files in order to speed up the building process and enable offline building.
### Building


@ -29,7 +29,6 @@
<StringPooling>true</StringPooling>
<EnablePREfast>true</EnablePREfast>
<DisableSpecificWarnings>26812</DisableSpecificWarnings>
<LanguageStandard>stdcpp17</LanguageStandard>
</ClCompile>
<Link>
<GenerateDebugInformation>true</GenerateDebugInformation>


@ -20,4 +20,9 @@
<EnableCOMDATFolding>false</EnableCOMDATFolding>
</Link>
</ItemDefinitionGroup>
<Target Name="Sign" Condition="'$(ManifestCertificateThumbprint)' != '' and ('$(ConfigurationType)' == 'Application' or '$(ConfigurationType)' == 'DynamicLibrary')" AfterTargets="_Manifest" BeforeTargets="RegisterOutput" Inputs="$(OutDir)$(TargetName)$(TargetExt)" Outputs="$(IntDir)$(TargetName).sign">
<Message Text="Signing output file..." />
<Exec Command="signtool.exe sign /sha1 &quot;%ManifestCertificateThumbprint%&quot; /fd sha256 /q &quot;$(OutDir)$(TargetName)$(TargetExt)&quot;" />
<Touch Files="$(IntDir)$(TargetName).sign" AlwaysCreate="true" />
</Target>
</Project>
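Review bot: The added `Exec` command reads the thumbprint through the environment as `%ManifestCertificateThumbprint%`, while the target's `Condition` tests the MSBuild property `$(ManifestCertificateThumbprint)`; the two agree only when the value comes from the process environment. If the property is supplied some other way (a `/p:` switch or an imported props file), the condition passes but signtool does not receive the thumbprint. Use the property in the command, `/sha1 &quot;$(ManifestCertificateThumbprint)&quot;`; the same applies to the `Sign` target in the other property sheet on this page. This command also has no `/tr` and `/td`, so the signatures it produces carry no timestamp and stop validating when the certificate expires, which is acceptable only if these outputs are never distributed.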


@ -26,14 +26,9 @@
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ResourceCompile>
</ItemDefinitionGroup>
<Target Name="SignLocal" Condition="('$(ConfigurationType)' == 'Application' or '$(ConfigurationType)' == 'DynamicLibrary') and '$(ManifestCertificateThumbprint)' != ''"
AfterTargets="_Manifest" BeforeTargets="RegisterOutput" Inputs="$(OutDir)$(TargetName)$(TargetExt)" Outputs="$(IntDir)$(TargetName).sign">
<Exec Command="signtool.exe sign /sha1 &quot;$(ManifestCertificateThumbprint)&quot; /fd SHA256 /tr &quot;$(ManifestTimestampRFC3161Url)&quot; /td SHA256 /q &quot;$(TargetPath)&quot;" />
<Touch Files="$(IntDir)$(TargetName).sign" AlwaysCreate="true" />
</Target>
<Target Name="SignAzure" Condition="('$(ConfigurationType)' == 'Application' or '$(ConfigurationType)' == 'DynamicLibrary') and exists('$(APPDATA)\Microsoft.Trusted.Signing.Client.json')"
AfterTargets="_Manifest" BeforeTargets="RegisterOutput" Inputs="$(OutDir)$(TargetName)$(TargetExt)" Outputs="$(IntDir)$(TargetName).sign">
<Exec Command="signtool.exe sign /dlib &quot;$(USERPROFILE)\.nuget\packages\microsoft.trusted.signing.client\1.0.53\bin\$(PreferredToolArchitecture)\Azure.CodeSigning.Dlib.dll&quot; /dmdf &quot;$(APPDATA)\Microsoft.Trusted.Signing.Client.json&quot; /fd SHA256 /tr &quot;http://timestamp.acs.microsoft.com&quot; /td SHA256 /q &quot;$(TargetPath)&quot;" />
<Target Name="Sign" Condition="'$(ManifestCertificateThumbprint)' != '' and ('$(ConfigurationType)' == 'Application' or '$(ConfigurationType)' == 'DynamicLibrary')" AfterTargets="_Manifest" BeforeTargets="RegisterOutput" Inputs="$(OutDir)$(TargetName)$(TargetExt)" Outputs="$(IntDir)$(TargetName).sign">
<Message Text="Signing output file..." />
<Exec Command="signtool.exe sign /sha1 &quot;%ManifestCertificateThumbprint%&quot; /fd sha256 /tr &quot;%ManifestTimestampRFC3161Url%&quot; /td sha256 /q &quot;$(OutDir)$(TargetName)$(TargetExt)&quot;" />
<Touch Files="$(IntDir)$(TargetName).sign" AlwaysCreate="true" />
</Target>
</Project>
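Review bot: The `Sign` target's `Condition` checks only `ManifestCertificateThumbprint`, yet the command always passes `/tr` with the timestamp URL variable; with the thumbprint set and `ManifestTimestampRFC3161Url` unset, signtool is invoked with an empty timestamp server and the build fails late with an unhelpful message. Add `and '$(ManifestTimestampRFC3161Url)' != ''` to the condition, or place an `<Error>` task with the same test ahead of the `Exec`, so the misconfiguration is reported before signing starts and nobody is tempted to drop the timestamp to get a build through.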


@ -24,26 +24,26 @@
//
#define PRODUCT_VERSION_MAJ 1
#define PRODUCT_VERSION_MIN 3
#define PRODUCT_VERSION_REV 8
#define PRODUCT_VERSION_REV 7
#define PRODUCT_VERSION_BUILD 0
//
// Human readable product version and build year for UI
//
#define PRODUCT_VERSION_STR "1.3h"
#define PRODUCT_VERSION_STR "1.3g"
#define PRODUCT_BUILD_YEAR_STR "2022"
//
// Numerical version presentation for ProductVersion propery in
// MSI packages (syntax: N.N[.N[.N]])
//
#define PRODUCT_VERSION_INST "1.3.8"
#define PRODUCT_VERSION_INST "1.3.7"
//
// The product code for ProductCode property in MSI packages
// Replace with new on every version change, regardless how minor it is.
//
#define PRODUCT_VERSION_GUID "{4AAA7B01-3457-45EE-BCD1-C3FD4117F018}"
#define PRODUCT_VERSION_GUID "{5CA2AF38-39E1-4C2B-BA76-C8C7D021EF8F}"
//
// Product vendor


@ -544,8 +544,8 @@ namespace eapxml
#pragma once
#include <stdex/hex.hpp>
#include <stdex/base64.hpp>
#include <stdex/hex.h>
#include <stdex/base64.h>
#include <assert.h>
@ -763,11 +763,11 @@ namespace eapxml
winstd::bstr bstrDefault, bstrEn;
for (long i = 0; ; i++) {
if (i >= lCount) {
if (!!bstrDefault) {
if (bstrDefault != NULL) {
// Return "C" localization.
pbstrValue = std::move(bstrDefault);
return S_OK;
} else if (!!bstrEn) {
} else if (bstrEn != NULL) {
// Return "en" localization.
pbstrValue = std::move(bstrEn);
return S_OK;
@ -853,25 +853,13 @@ namespace eapxml
inline HRESULT put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ DWORD dwValue, _Out_opt_ winstd::com_obj<IXMLDOMElement> *ppXmlElement)
{
return put_element_value(
pDoc,
pCurrentDOMNode,
bstrElementName,
bstrNamespace,
winstd::bstr(winstd::wstring_printf(L"%d", dwValue)),
ppXmlElement);
return put_element_value(pDoc, pCurrentDOMNode, bstrElementName, bstrNamespace, winstd::bstr(winstd::wstring_printf(L"%d", dwValue)), ppXmlElement);
}
inline HRESULT put_element_value(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrElementName, _In_opt_z_ const BSTR bstrNamespace, _In_ bool bValue, _Out_opt_ winstd::com_obj<IXMLDOMElement> *ppXmlElement)
{
return put_element_value(
pDoc,
pCurrentDOMNode,
bstrElementName,
bstrNamespace,
winstd::bstr(bValue ? L"true": L"false"),
ppXmlElement);
return put_element_value(pDoc, pCurrentDOMNode, bstrElementName, bstrNamespace, winstd::bstr(bValue ? L"true": L"false"), ppXmlElement);
}
@ -880,13 +868,7 @@ namespace eapxml
std::wstring sBase64;
stdex::base64_enc enc;
enc.encode(sBase64, pValue, nValueLen);
return put_element_value(
pDoc,
pCurrentDOMNode,
bstrElementName,
bstrNamespace,
winstd::bstr(sBase64),
ppXmlElement);
return put_element_value(pDoc, pCurrentDOMNode, bstrElementName, bstrNamespace, winstd::bstr(sBase64), ppXmlElement);
}
@ -895,13 +877,7 @@ namespace eapxml
std::wstring sHex;
stdex::hex_enc enc;
enc.encode(sHex, pValue, nValueLen);
return put_element_value(
pDoc,
pCurrentDOMNode,
bstrElementName,
bstrNamespace,
winstd::bstr(sHex),
ppXmlElement);
return put_element_value(pDoc, pCurrentDOMNode, bstrElementName, bstrNamespace, winstd::bstr(sHex), ppXmlElement);
}
@ -1009,19 +985,13 @@ namespace eapxml
inline HRESULT put_attrib_value(_In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrAttributeName, _In_ DWORD dwValue)
{
return put_attrib_value(
pCurrentDOMNode,
bstrAttributeName,
winstd::bstr(winstd::wstring_printf(L"%d", dwValue)));
return put_attrib_value(pCurrentDOMNode, bstrAttributeName, winstd::bstr(winstd::wstring_printf(L"%d", dwValue)));
}
inline HRESULT put_attrib_value(_In_ IXMLDOMNode *pCurrentDOMNode, _In_z_ const BSTR bstrAttributeName, _In_ bool bValue)
{
return put_attrib_value(
pCurrentDOMNode,
bstrAttributeName,
winstd::bstr(bValue ? L"true": L"false"));
return put_attrib_value(pCurrentDOMNode, bstrAttributeName, winstd::bstr(bValue ? L"true": L"false"));
}
@ -1030,10 +1000,7 @@ namespace eapxml
std::wstring sBase64;
stdex::base64_enc enc;
enc.encode(sBase64, pValue, nValueLen);
return put_attrib_value(
pCurrentDOMNode,
bstrAttributeName,
winstd::bstr(sBase64));
return put_attrib_value(pCurrentDOMNode, bstrAttributeName, winstd::bstr(sBase64));
}
@ -1042,10 +1009,7 @@ namespace eapxml
std::wstring sHex;
stdex::hex_enc enc;
enc.encode(sHex, pValue, nValueLen);
return put_attrib_value(
pCurrentDOMNode,
bstrAttributeName,
winstd::bstr(sHex));
return put_attrib_value(pCurrentDOMNode, bstrAttributeName, winstd::bstr(sHex));
}
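Review bot: The `DWORD` overloads of `put_element_value` and `put_attrib_value` format the value with `L"%d"`, the signed conversion, so any `DWORD` above 0x7FFFFFFF is written to the XML as a negative number. Use the unsigned conversion in both overloads: `winstd::bstr(winstd::wstring_printf(L"%u", dwValue))`. Whether the matching reader would parse such a negative value back correctly cannot be seen from these hunks, so the stored configuration may not round-trip.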


@ -77,7 +77,7 @@ void eap::config_method_eaphost::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNo
// Convert configuration BLOB to XML using EapHost (and ultimately method peer's EapPeerConfigBlob2Xml).
com_obj<IXMLDOMDocument2> pConfigDoc;
eap_error error;
DWORD dwResult = EapHostPeerConfigBlob2Xml(0, m_type, (DWORD)m_cfg_blob.size(), const_cast<BYTE*>(m_cfg_blob.data()), &pConfigDoc, stdex::get_ptr(error));
DWORD dwResult = EapHostPeerConfigBlob2Xml(0, m_type, (DWORD)m_cfg_blob.size(), const_cast<BYTE*>(m_cfg_blob.data()), &pConfigDoc, get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
HRESULT hr;
@ -108,7 +108,7 @@ void eap::config_method_eaphost::load(_In_ IXMLDOMNode *pConfigRoot)
DWORD cfg_data_size = 0;
eap_blob cfg_data;
eap_error error;
DWORD dwResult = EapHostPeerConfigXml2Blob(0, pXmlElEapHostConfig, &cfg_data_size, stdex::get_ptr(cfg_data), &m_type, stdex::get_ptr(error));
DWORD dwResult = EapHostPeerConfigXml2Blob(0, pXmlElEapHostConfig, &cfg_data_size, get_ptr(cfg_data), &m_type, get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
LPCBYTE _cfg_data = cfg_data.get();
m_cfg_blob.assign(_cfg_data, _cfg_data + cfg_data_size);


@ -265,9 +265,9 @@ eap::credentials::source_t eap::credentials_eaphost::combine(
src != source_t::unknown ? (DWORD)m_cred_blob.size() : 0, src != source_t::unknown ? m_cred_blob.data() : NULL,
NULL,
&fInvokeUI,
&cred_data_size, stdex::get_ptr(cred_data),
stdex::get_ptr(identity),
stdex::get_ptr(error),
&cred_data_size, get_ptr(cred_data),
get_ptr(identity),
get_ptr(error),
NULL);
if (dwResult == ERROR_SUCCESS) {
if (identity && !fInvokeUI) {


@ -50,7 +50,7 @@ void eap::method_eaphost::begin_session(
dwMaxSendPacketSize,
NULL, NULL, NULL,
&m_session_id,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// Session succesfully created.
} else if (error)
@ -64,7 +64,7 @@ void eap::method_eaphost::end_session()
{
// End EapHost peer session.
eap_error_runtime error;
DWORD dwResult = EapHostPeerEndSession(m_session_id, stdex::get_ptr(error));
DWORD dwResult = EapHostPeerEndSession(m_session_id, get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// Session successfuly ended.
} else if (error)
@ -90,7 +90,7 @@ EapPeerMethodResponseAction eap::method_eaphost::process_request_packet(
dwReceivedPacketSize,
reinterpret_cast<const BYTE*>(pReceivedPacket),
&action,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// Packet successfuly processed.
return action_h2p(action);
@ -112,7 +112,7 @@ void eap::method_eaphost::get_response_packet(
m_session_id,
&size_max,
&_packet,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// Packet successfuly prepared.
packet.assign(_packet, _packet + size_max);
@ -134,7 +134,7 @@ void eap::method_eaphost::get_result(
m_session_id,
EapHostPeerMethodResultFromMethod,
&result,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// Result successfuly returned.
method::get_result(reason, pResult);
@ -181,7 +181,7 @@ void eap::method_eaphost::get_ui_context(_Out_ sanitizing_blob &context_data)
m_session_id,
&dwUIContextDataSize,
&pUIContextData,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// UI context data successfuly returned.
context_data.assign(pUIContextData, pUIContextData + dwUIContextDataSize);
@ -207,7 +207,7 @@ EapPeerMethodResponseAction eap::method_eaphost::set_ui_context(
dwUIContextDataSize,
pUIContextData,
&action,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// UI context data successfuly returned.
return action_h2p(action);
@ -225,7 +225,7 @@ void eap::method_eaphost::get_response_attributes(_Out_ EapAttributes *pAttribs)
DWORD dwResult = EapHostPeerGetResponseAttributes(
m_session_id,
pAttribs,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// Response attributes successfuly returned.
} else if (error)
@ -244,7 +244,7 @@ EapPeerMethodResponseAction eap::method_eaphost::set_response_attributes(_In_ co
m_session_id,
pAttribs,
&action,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// Response attributes successfuly set.
return action_h2p(action);


@ -12,7 +12,6 @@
#include "../../EAPBase/include/Module.h"
#include <stdex/memory.hpp>
#include <WinStd/Cred.h>
#include <WinStd/Win.h>


@ -37,7 +37,7 @@ wxEapHostMethodConfigPanel::wxEapHostMethodConfigPanel(const eap::config_provide
winstd::eap_method_info_array methods;
winstd::eap_error error;
DWORD dwResult = EapHostPeerGetMethods(&methods, stdex::get_ptr(error));
DWORD dwResult = EapHostPeerGetMethods(&methods, get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
for (DWORD i = 0; i < methods.dwNumberOfMethods; i++)
m_method->Append(methods.pEapMethods[i].pwszFriendlyName, new wxEAPMethodTypeClientData(methods.pEapMethods[i].eaptype, methods.pEapMethods[i].eapProperties));
@ -112,7 +112,7 @@ void wxEapHostMethodConfigPanel::OnSettings(wxCommandEvent& event)
DWORD cfg_data_size = 0;
winstd::eap_blob cfg_data;
winstd::eap_error error;
DWORD dwResult = EapHostPeerInvokeConfigUI(GetHWND(), 0, data->m_type, (DWORD)data->m_cfg_blob.size(), data->m_cfg_blob.data(), &cfg_data_size, stdex::get_ptr(cfg_data), stdex::get_ptr(error));
DWORD dwResult = EapHostPeerInvokeConfigUI(GetHWND(), 0, data->m_type, (DWORD)data->m_cfg_blob.size(), data->m_cfg_blob.data(), &cfg_data_size, get_ptr(cfg_data), get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
LPCBYTE _cfg_data = cfg_data.get();
data->m_cfg_blob.assign(_cfg_data, _cfg_data + cfg_data_size);


@ -8,7 +8,6 @@
#include "../include/EapHost_UI.h"
#include <stdex/memory.hpp>
#include <WinStd/EAP.h>
#include <eaphostpeerconfigapis.h>


@ -11,7 +11,7 @@
#include "../../EAPBase/include/Module.h"
#include <stdex/hex.hpp>
#include <stdex/hex.h>
#include <Windows.h>
#include <EapHostError.h> // include after Windows.h


@ -12,7 +12,7 @@
#include "../../EAPBase/include/Module.h"
#include <stdex/hex.hpp>
#include <stdex/hex.h>
#include <Windows.h>
#include <EapHostError.h> // include after Windows.h


@ -530,6 +530,8 @@ void eap::method_tls::get_result(
method::get_result(reason, pResult);
if (reason == EapPeerMethodResultSuccess) {
eap_attr a;
// Prepare EAP result attributes.
if (pResult->pAttribArray) {
m_eap_attr.reserve((size_t)pResult->pAttribArray->dwNumberOfAttributes + 3);
@ -549,18 +551,12 @@ void eap::method_tls::get_result(
get_keying_material(recv, send);
// MSK: MPPE-Recv-Key
{
eap_attr a;
a.create_ms_mppe_key(16, recv.data, sizeof(recv.data));
m_eap_attr.push_back(std::move(a));
}
a.create_ms_mppe_key(16, recv.data, sizeof(recv.data));
m_eap_attr.push_back(std::move(a));
// MSK: MPPE-Send-Key
{
eap_attr a;
a.create_ms_mppe_key(17, send.data, sizeof(send.data));
m_eap_attr.push_back(std::move(a));
}
a.create_ms_mppe_key(17, send.data, sizeof(send.data));
m_eap_attr.push_back(std::move(a));
// Append blank EAP attribute.
m_eap_attr.push_back(blank_eap_attr);
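Review bot: In the second hunk of `get_result` the single `eap_attr a` declared near the top is reused after `m_eap_attr.push_back(std::move(a))`, at least for the MPPE-Send-Key and possibly for attributes built in the part of the function the hunks do not show. That is correct only if `create_ms_mppe_key` fully re-initialises a moved-from `eap_attr`, which cannot be confirmed from here. Because these attributes carry the MPPE key material, a stale or partially reset attribute should be ruled out. Give each attribute its own object, `{ eap_attr a; a.create_ms_mppe_key(17, send.data, sizeof(send.data)); m_eap_attr.push_back(std::move(a)); }`, or document on `eap_attr` that the `create_*` methods may be called on a moved-from instance.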


@ -83,7 +83,6 @@ EapPeerMethodResponseAction eap::method_eapmsg::process_request_packet(
break;
}
// Do not break out of this case to allow continuing with the following case, checking there is no second mandatory EAP-Message present.
[[fallthrough]];
default:
if (hdr->flags & diameter_avp_flag_mandatory)


@ -215,9 +215,9 @@ void eap::peer_peap_ui::invoke_identity_ui(
hwndParent,
(DWORD)cfg_inner_eaphost->m_cfg_blob.size(), cfg_inner_eaphost->m_cfg_blob.data(),
(DWORD)cred_inner->m_cred_blob.size(), cred_inner->m_cred_blob.data(),
&cred_data_size, stdex::get_ptr(cred_data),
stdex::get_ptr(identity),
stdex::get_ptr(error),
&cred_data_size, get_ptr(cred_data),
get_ptr(identity),
get_ptr(error),
NULL);
if (dwResult == ERROR_SUCCESS) {
// Inner EAP method provided credentials.
@ -330,7 +330,7 @@ void eap::peer_peap_ui::invoke_interactive_ui(
ctx.m_data.data(),
&dwSizeofDataFromInteractiveUI,
&pDataFromInteractiveUI,
stdex::get_ptr(error));
get_ptr(error));
if (dwResult == ERROR_SUCCESS) {
// Inner EAP method provided response.
ctx.m_data.assign(pDataFromInteractiveUI, pDataFromInteractiveUI + dwSizeofDataFromInteractiveUI);


@ -20,6 +20,4 @@
#include "../../EapHost/include/Credentials.h"
#include "../../EapBase/include/UIContext.h"
#include <stdex/memory.hpp>
#include <wx/choicdlg.h>

@ -1 +1 @@
Subproject commit f85047dab9f000b625864eb930e11f650831ef7c
Subproject commit 49b55331e47900e0c0188f4541279aa8acf8ed3d

@ -1 +1 @@
Subproject commit 246f2baa1e3a7964f173469da3fd16e8336094cc
Subproject commit ff8ca7f073a34e4e2e7829e914e1db43271a15c4

@ -1 +1 @@
Subproject commit 79ec08365068ab6e03b06caef13de0ce6b06fcd5
Subproject commit e3a59d1118053ed48dc15b83d17125da87c434dd