189 lines
5.2 KiB
C++
189 lines
5.2 KiB
C++
/*
|
|
SPDX-License-Identifier: GPL-3.0-or-later
|
|
Copyright © 2015-2022 Amebis
|
|
Copyright © 2016 GÉANT
|
|
*/
|
|
|
|
#include "PCH.h"
|
|
|
|
using namespace std;
|
|
using namespace winstd;
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////
|
|
// eap::credentials_tls_tunnel
|
|
//////////////////////////////////////////////////////////////////////
|
|
|
|
eap::credentials_tls_tunnel::credentials_tls_tunnel(_In_ module &mod) :
|
|
credentials_tls(mod)
|
|
{
|
|
}
|
|
|
|
|
|
eap::credentials_tls_tunnel::credentials_tls_tunnel(_In_ const credentials_tls_tunnel &other) :
|
|
m_inner(other.m_inner ? dynamic_cast<credentials*>(other.m_inner->clone()) : nullptr),
|
|
credentials_tls(other)
|
|
{
|
|
}
|
|
|
|
|
|
eap::credentials_tls_tunnel::credentials_tls_tunnel(_Inout_ credentials_tls_tunnel &&other) noexcept :
|
|
m_inner(std::move(other.m_inner)),
|
|
credentials_tls(std::move(other))
|
|
{
|
|
}
|
|
|
|
|
|
eap::credentials_tls_tunnel& eap::credentials_tls_tunnel::operator=(_In_ const credentials_tls_tunnel &other)
|
|
{
|
|
if (this != &other) {
|
|
(credentials_tls&)*this = other;
|
|
m_inner.reset(other.m_inner ? dynamic_cast<credentials*>(other.m_inner->clone()) : nullptr);
|
|
}
|
|
|
|
return *this;
|
|
}
|
|
|
|
|
|
eap::credentials_tls_tunnel& eap::credentials_tls_tunnel::operator=(_Inout_ credentials_tls_tunnel &&other) noexcept
|
|
{
|
|
if (this != &other) {
|
|
(credentials_tls&)*this = std::move(other);
|
|
m_inner = std::move(other.m_inner);
|
|
}
|
|
|
|
return *this;
|
|
}
|
|
|
|
|
|
eap::config* eap::credentials_tls_tunnel::clone() const
|
|
{
|
|
return new credentials_tls_tunnel(*this);
|
|
}
|
|
|
|
|
|
void eap::credentials_tls_tunnel::clear()
|
|
{
|
|
credentials_tls::clear();
|
|
m_inner->clear();
|
|
}
|
|
|
|
|
|
bool eap::credentials_tls_tunnel::empty() const
|
|
{
|
|
return credentials_tls::empty() && m_inner->empty();
|
|
}
|
|
|
|
|
|
void eap::credentials_tls_tunnel::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot) const
|
|
{
|
|
assert(pDoc);
|
|
assert(pConfigRoot);
|
|
|
|
credentials_tls::save(pDoc, pConfigRoot);
|
|
|
|
HRESULT hr;
|
|
|
|
// <InnerAuthenticationMethod>
|
|
com_obj<IXMLDOMElement> pXmlElInnerAuthenticationMethod;
|
|
if (FAILED(hr = eapxml::create_element(pDoc, pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), bstr(L"InnerAuthenticationMethod"), namespace_eapmetadata, pXmlElInnerAuthenticationMethod)))
|
|
throw com_runtime_error(hr, __FUNCTION__ " Error creating <InnerAuthenticationMethod> element.");
|
|
|
|
// <InnerAuthenticationMethod>/...
|
|
m_inner->save(pDoc, pXmlElInnerAuthenticationMethod);
|
|
}
|
|
|
|
|
|
void eap::credentials_tls_tunnel::load(_In_ IXMLDOMNode *pConfigRoot)
|
|
{
|
|
assert(pConfigRoot);
|
|
HRESULT hr;
|
|
|
|
credentials_tls::load(pConfigRoot);
|
|
|
|
// Load inner credentials.
|
|
com_obj<IXMLDOMNode> pXmlElInnerAuthenticationMethod;
|
|
if (SUCCEEDED(hr = eapxml::select_node(pConfigRoot, bstr(L"eap-metadata:InnerAuthenticationMethod"), pXmlElInnerAuthenticationMethod)))
|
|
m_inner->load(pXmlElInnerAuthenticationMethod);
|
|
else
|
|
m_inner->clear();
|
|
}
|
|
|
|
|
|
void eap::credentials_tls_tunnel::operator<<(_Inout_ cursor_out &cursor) const
|
|
{
|
|
credentials_tls::operator<<(cursor);
|
|
cursor << *m_inner;
|
|
}
|
|
|
|
|
|
size_t eap::credentials_tls_tunnel::get_pk_size() const
|
|
{
|
|
return
|
|
credentials_tls::get_pk_size() +
|
|
pksizeof(*m_inner);
|
|
}
|
|
|
|
|
|
void eap::credentials_tls_tunnel::operator>>(_Inout_ cursor_in &cursor)
|
|
{
|
|
credentials_tls::operator>>(cursor);
|
|
cursor >> *m_inner;
|
|
}
|
|
|
|
|
|
void eap::credentials_tls_tunnel::store(_In_z_ LPCTSTR pszTargetName, _In_ unsigned int level) const
|
|
{
|
|
assert(0); // Not that we would ever store inner&outer credentials to Windows Credential Manager joined, but for completness sake... Here we go:
|
|
|
|
credentials_tls::store(pszTargetName, level);
|
|
|
|
m_inner->store(pszTargetName, level + 1);
|
|
}
|
|
|
|
|
|
void eap::credentials_tls_tunnel::retrieve(_In_z_ LPCTSTR pszTargetName, _In_ unsigned int level)
|
|
{
|
|
assert(0); // Not that we would ever retrieve inner&outer credentials to Windows Credential Manager joined, but for completness sake... Here we go:
|
|
|
|
credentials_tls::retrieve(pszTargetName, level);
|
|
|
|
m_inner->retrieve(pszTargetName, level + 1);
|
|
}
|
|
|
|
|
|
wstring eap::credentials_tls_tunnel::get_identity() const
|
|
{
|
|
// Outer identity has the right-of-way.
|
|
wstring identity(credentials_tls::get_identity());
|
|
if (!identity.empty())
|
|
return identity;
|
|
|
|
// Inner identity.
|
|
return m_inner->get_identity();
|
|
}
|
|
|
|
|
|
eap::credentials::source_t eap::credentials_tls_tunnel::combine(
|
|
_In_ DWORD dwFlags,
|
|
_In_opt_ const credentials *cred_cached,
|
|
_In_ const config_method &cfg,
|
|
_In_opt_z_ LPCTSTR pszTargetName)
|
|
{
|
|
// Combine outer credentials.
|
|
source_t src_outer = credentials_tls::combine(
|
|
dwFlags,
|
|
cred_cached,
|
|
cfg,
|
|
pszTargetName);
|
|
|
|
// Combine inner credentials.
|
|
source_t src_inner = m_inner->combine(
|
|
dwFlags,
|
|
cred_cached ? dynamic_cast<const credentials_tls_tunnel*>(cred_cached)->m_inner.get() : NULL,
|
|
*dynamic_cast<const config_method_tls_tunnel&>(cfg).m_inner,
|
|
pszTargetName);
|
|
|
|
return std::min<source_t>(src_outer, src_inner);
|
|
}
|