mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-14 19:54:57 +03:00

Openssl engine certificate authentication

TODO: cert get, call finish engine, call init engine in another step, handle authentication, internationalization (help is needed)
mcallist
2020-07-06 20:25:18 +02:00
parent f22b013dda
commit ff3910eb86
12 changed files with 192 additions and 17 deletions


@ -1,6 +1,6 @@
// SoftEther VPN Source Code - Developer Edition Master Branch
// Cedar Communication Module
// © 2020 Nokia
// Client.c
// Client Manager
@ -4402,6 +4402,17 @@ void InRpcClientAuth(CLIENT_AUTH *c, PACK *p)
PackGetStr(p, "SecurePublicCertName", c->SecurePublicCertName, sizeof(c->SecurePublicCertName));
PackGetStr(p, "SecurePrivateKeyName", c->SecurePrivateKeyName, sizeof(c->SecurePrivateKeyName));
break;
case CLIENT_AUTHTYPE_OPENSSLENGINE:
b = PackGetBuf(p, "ClientX");
if (b != NULL)
{
c->ClientX = BufToX(b, false);
FreeBuf(b);
}
PackGetStr(p, "OpensslEnginePrivateKeyName", c->OpensslEnginePrivateKeyName, sizeof(c->OpensslEnginePrivateKeyName));
PackGetStr(p, "OpensslEngineName", c->OpensslEngineName, sizeof(c->OpensslEngineName));
break;
}
}
void OutRpcClientAuth(PACK *p, CLIENT_AUTH *c)
@ -4448,6 +4459,17 @@ void OutRpcClientAuth(PACK *p, CLIENT_AUTH *c)
PackAddStr(p, "SecurePublicCertName", c->SecurePublicCertName);
PackAddStr(p, "SecurePrivateKeyName", c->SecurePrivateKeyName);
break;
case CLIENT_AUTHTYPE_OPENSSLENGINE:
b = XToBuf(c->ClientX, false);
if (b != NULL)
{
PackAddBuf(p, "ClientX", b);
FreeBuf(b);
}
PackAddStr(p, "OpensslEnginePrivateKeyName", c->OpensslEnginePrivateKeyName);
PackAddStr(p, "OpensslEngineName", c->OpensslEngineName);
break;
}
}
@ -6402,6 +6424,11 @@ bool CtConnect(CLIENT *c, RPC_CLIENT_CONNECT *connect)
// Register a procedure for secure device authentication
r->ClientAuth->SecureSignProc = CiSecureSignProc;
}
else if (r->ClientAuth->AuthType == CLIENT_AUTHTYPE_OPENSSLENGINE)
{
/* r->ClientAuth->ClientK = OpensslEngineToK("asdf"); */
r->ClientAuth->SecureSignProc = NULL;
}
else
{
r->ClientAuth->SecureSignProc = NULL;
@ -9266,6 +9293,20 @@ CLIENT_AUTH *CiLoadClientAuth(FOLDER *f)
CfgGetStr(f, "SecurePublicCertName", a->SecurePublicCertName, sizeof(a->SecurePublicCertName));
CfgGetStr(f, "SecurePrivateKeyName", a->SecurePrivateKeyName, sizeof(a->SecurePrivateKeyName));
break;
case CLIENT_AUTHTYPE_OPENSSLENGINE:
b = CfgGetBuf(f, "ClientCert");
if (b != NULL)
{
a->ClientX = BufToX(b, false);
}
FreeBuf(b);
if (CfgGetStr(f, "OpensslEnginePrivateKeyName", a->OpensslEnginePrivateKeyName, sizeof(a->OpensslEnginePrivateKeyName)))
{
a->ClientK = OpensslEngineToK(a->OpensslEnginePrivateKeyName, a->OpensslEngineName);
}
CfgGetStr(f, "OpensslEngineName", a->OpensslEngineName, sizeof(a->OpensslEngineName));
break;
}
return a;
@ -9810,6 +9851,16 @@ void CiWriteClientAuth(FOLDER *f, CLIENT_AUTH *a)
CfgAddStr(f, "SecurePublicCertName", a->SecurePublicCertName);
CfgAddStr(f, "SecurePrivateKeyName", a->SecurePrivateKeyName);
break;
case CLIENT_AUTHTYPE_OPENSSLENGINE:
if (a->ClientX != NULL) {
b = XToBuf(a->ClientX, false);
CfgAddByte(f, "ClientCert", b->Buf, b->Size);
FreeBuf(b);
}
CfgAddStr(f, "OpensslEnginePrivateKeyName", a->OpensslEnginePrivateKeyName);
CfgAddStr(f, "OpensslEngineName", a->OpensslEngineName);
break;
}
}
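Review bot: In the CiLoadClientAuth hunk, `OpensslEngineToK(a->OpensslEnginePrivateKeyName, a->OpensslEngineName)` is called before `CfgGetStr(f, "OpensslEngineName", ...)` has filled `a->OpensslEngineName`, so the key lookup runs with whatever that buffer held at allocation (presumably an empty string) instead of the configured engine. Move `CfgGetStr(f, "OpensslEngineName", a->OpensslEngineName, sizeof(a->OpensslEngineName));` above the `if (CfgGetStr(f, "OpensslEnginePrivateKeyName", ...))` block and load the key only when both names were read. Separately, the CiWriteClientAuth hunk dereferences `b->Buf` without checking the result of `XToBuf`, while OutRpcClientAuth guards the same call with `if (b != NULL)`; the same guard belongs there. Both names arrive from the configuration file or an RPC pack and decide which engine and key are used, so a comment stating where they are validated would help; that validation is not visible in these hunks. All of the touched functions begin and end outside the hunks shown.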