STATIC CFDictionaryRef copy_def_auth_props(SCPreferencesRef eap_prefs) { CFArrayRef accept_types = NULL; CFMutableDictionaryRef auth_props; int list[] = { kEAPTypePEAP, kEAPTypeTTLS, kEAPTypeEAPFAST, kEAPTypeTLS }; int list_count = sizeof(list) / sizeof(list[0]); CFDictionaryRef pref_auth_props; pref_auth_props = SCPreferencesGetValue(eap_prefs, kConfigurationKeyDefaultAuthenticationProperties); if (pref_auth_props != NULL) { accept_types = CFDictionaryGetValue(pref_auth_props, kEAPClientPropAcceptEAPTypes); if (accept_types_valid(accept_types)) { CFRetain(pref_auth_props); return (pref_auth_props); } if (accept_types != NULL) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: default Authentication " "Properties invalid, %@ - ignoring"), pref_auth_props); } } accept_types = myCFArrayCreateWithIntegerList(list, list_count); auth_props = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); CFDictionarySetValue(auth_props, kEAPClientPropAcceptEAPTypes, accept_types); CFDictionarySetValue(auth_props, kEAPClientPropEAPFASTUsePAC, kCFBooleanTrue); CFDictionarySetValue(auth_props, kEAPClientPropEAPFASTProvisionPAC, kCFBooleanTrue); CFRelease(accept_types); return (auth_props); }
/* * Function: EAPOLClientConfigurationSetDefaultAuthenticationProperties * * Purpose: * Set the default authentication properties. * * If 'auth_props' is NULL, resets the value to the default. * * Returns: * FALSE if the auth_props dictionary is invalid, TRUE otherwise. * * Note: * You must call EAPOLClientConfigurationSave() to make the change permanent. */ Boolean EAPOLClientConfigurationSetDefaultAuthenticationProperties(EAPOLClientConfigurationRef cfg, CFDictionaryRef auth_props) { CFArrayRef accept_types; my_CFRelease(&cfg->def_auth_props); if (auth_props == NULL) { cfg->def_auth_props = copy_def_auth_props(cfg->eap_prefs); cfg->def_auth_props_changed = TRUE; return (TRUE); } accept_types = CFDictionaryGetValue(auth_props, kEAPClientPropAcceptEAPTypes); if (accept_types_valid(accept_types) == FALSE) { return (FALSE); } cfg->def_auth_props = CFRetain(auth_props); cfg->def_auth_props_changed = TRUE; return (TRUE); }
PRIVATE_EXTERN EAPOLClientProfileRef EAPOLClientProfileCreateWithDictAndProfileID(CFDictionaryRef dict, CFStringRef profileID) { CFAllocatorRef alloc = CFGetAllocator(dict); CFArrayRef accept_types; CFDictionaryRef information; CFStringRef domain = NULL; CFDictionaryRef eap_config; EAPOLClientProfileRef profile; CFStringRef security_type = NULL; CFStringRef user_defined_name; CFDataRef ssid = NULL; CFDictionaryRef wlan; eap_config = CFDictionaryGetValue(dict, kProfileKeyAuthenticationProperties); if (isA_CFDictionary(eap_config) == NULL || CFDictionaryGetCount(eap_config) == 0) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: profile %@" " missing/invalid %@ property"), profileID, kProfileKeyAuthenticationProperties); return (NULL); } accept_types = CFDictionaryGetValue(eap_config, kEAPClientPropAcceptEAPTypes); if (accept_types_valid(accept_types) == FALSE) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: profile %@" " missing/invalid %@ property in %@"), profileID, kEAPClientPropAcceptEAPTypes, kProfileKeyAuthenticationProperties); return (NULL); } wlan = CFDictionaryGetValue(dict, kProfileKeyWLAN); if (wlan != NULL) { if (isA_CFDictionary(wlan) == NULL) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: profile %@" " invalid %@ property"), profileID, kProfileKeyWLAN); return (NULL); } ssid = CFDictionaryGetValue(wlan, kProfileKeyWLANSSID); domain = CFDictionaryGetValue(wlan, kProfileKeyWLANDomain); if (isA_CFData(ssid) == NULL && isA_CFString(domain) == NULL) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: profile %@" " invalid/missing property (%@ or %@) in %@"), profileID, kProfileKeyWLANSSID, kProfileKeyWLANDomain, kProfileKeyWLAN); return (NULL); } if (ssid != NULL) { security_type = CFDictionaryGetValue(wlan, kProfileKeyWLANSecurityType); if (isA_CFString(security_type) == NULL) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: profile %@" " invalid/missing %@ property in %@"), profileID, kProfileKeyWLANSecurityType, kProfileKeyWLAN); return (NULL); } } } user_defined_name = CFDictionaryGetValue(dict, kProfileKeyUserDefinedName); if (user_defined_name != NULL && isA_CFString(user_defined_name) == NULL) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: profile %@" " invalid %@ property"), profileID, kProfileKeyUserDefinedName); return (NULL); } information = CFDictionaryGetValue(dict, kProfileKeyInformation); if (information != NULL && isA_CFDictionary(information) == NULL) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: profile %@" " invalid %@ property"), profileID, kProfileKeyInformation); return (NULL); } /* allocate/set an EAPOLClientProfileRef */ profile = __EAPOLClientProfileAllocate(alloc); if (profile == NULL) { return (NULL); } profile->uuid = CFRetain(profileID); EAPOLClientProfileSetUserDefinedName(profile, user_defined_name); EAPOLClientProfileSetAuthenticationProperties(profile, eap_config); if (ssid != NULL) { EAPOLClientProfileSetWLANSSIDAndSecurityType(profile, ssid, security_type); } else if (domain != NULL) { EAPOLClientProfileSetWLANDomain(profile, domain); } if (information != NULL) { profile->information = CFDictionaryCreateMutableCopy(NULL, 0, information); } return (profile); }
PRIVATE_EXTERN CFMutableDictionaryRef EAPOLClientProfileCreateDictAndProfileID(EAPOLClientProfileRef profile, CFStringRef * ret_profileID) { CFArrayRef accept_types = NULL; CFMutableDictionaryRef dict; if (profile->auth_props != NULL) { accept_types = CFDictionaryGetValue(profile->auth_props, kEAPClientPropAcceptEAPTypes); } if (accept_types_valid(accept_types) == FALSE) { SCLog(TRUE, LOG_NOTICE, CFSTR("EAPOLClientConfiguration: profile %@" " missing/invalid AuthenticationProperties"), EAPOLClientProfileGetID(profile)); return (NULL); } dict = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); if (ret_profileID != NULL) { *ret_profileID = CFRetain(profile->uuid); } CFDictionarySetValue(dict, kProfileKeyAuthenticationProperties, profile->auth_props); if (profile->user_defined_name != NULL) { CFDictionarySetValue(dict, kProfileKeyUserDefinedName, profile->user_defined_name); } if (profile->information != NULL && CFDictionaryGetCount(profile->information) != 0) { CFDictionarySetValue(dict, kProfileKeyInformation, profile->information); } if (profile->WLAN.ssid != NULL || profile->WLAN.domain != NULL) { int count; const void * keys[2]; CFDictionaryRef WLAN; const void * values[2]; if (profile->WLAN.ssid != NULL) { keys[0] = kProfileKeyWLANSSID; values[0] = profile->WLAN.ssid; keys[1] = kProfileKeyWLANSecurityType; values[1] = profile->WLAN.security_type; count = 2; } else { keys[0] = kProfileKeyWLANDomain; values[0] = profile->WLAN.domain; count = 1; } WLAN = CFDictionaryCreate(NULL, keys, values, count, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); CFDictionarySetValue(dict, kProfileKeyWLAN, WLAN); CFRelease(WLAN); } return (dict); }