STATIC CFDictionaryRef
copy_def_auth_props(SCPreferencesRef eap_prefs)
{
CFArrayRef accept_types = NULL;
CFMutableDictionaryRef auth_props;
int list[] = {
kEAPTypePEAP,
kEAPTypeTTLS,
kEAPTypeEAPFAST,
kEAPTypeTLS
};
int list_count = sizeof(list) / sizeof(list[0]);
CFDictionaryRef pref_auth_props;
pref_auth_props
= SCPreferencesGetValue(eap_prefs,
kConfigurationKeyDefaultAuthenticationProperties);
if (pref_auth_props != NULL) {
accept_types = CFDictionaryGetValue(pref_auth_props,
kEAPClientPropAcceptEAPTypes);
if (accept_types_valid(accept_types)) {
CFRetain(pref_auth_props);
return (pref_auth_props);
}
if (accept_types != NULL) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: default Authentication "
"Properties invalid, %@ - ignoring"), pref_auth_props);
}
}
accept_types = myCFArrayCreateWithIntegerList(list, list_count);
auth_props = CFDictionaryCreateMutable(NULL, 0,
&kCFTypeDictionaryKeyCallBacks,
&kCFTypeDictionaryValueCallBacks);
CFDictionarySetValue(auth_props,
kEAPClientPropAcceptEAPTypes,
accept_types);
CFDictionarySetValue(auth_props, kEAPClientPropEAPFASTUsePAC,
kCFBooleanTrue);
CFDictionarySetValue(auth_props, kEAPClientPropEAPFASTProvisionPAC,
kCFBooleanTrue);
CFRelease(accept_types);
return (auth_props);
}
/*
* Function: EAPOLClientConfigurationSetDefaultAuthenticationProperties
*
* Purpose:
* Set the default authentication properties.
*
* If 'auth_props' is NULL, resets the value to the default.
*
* Returns:
* FALSE if the auth_props dictionary is invalid, TRUE otherwise.
*
* Note:
* You must call EAPOLClientConfigurationSave() to make the change permanent.
*/
Boolean
EAPOLClientConfigurationSetDefaultAuthenticationProperties(EAPOLClientConfigurationRef cfg,
CFDictionaryRef auth_props)
{
CFArrayRef accept_types;
my_CFRelease(&cfg->def_auth_props);
if (auth_props == NULL) {
cfg->def_auth_props = copy_def_auth_props(cfg->eap_prefs);
cfg->def_auth_props_changed = TRUE;
return (TRUE);
}
accept_types = CFDictionaryGetValue(auth_props,
kEAPClientPropAcceptEAPTypes);
if (accept_types_valid(accept_types) == FALSE) {
return (FALSE);
}
cfg->def_auth_props = CFRetain(auth_props);
cfg->def_auth_props_changed = TRUE;
return (TRUE);
}
PRIVATE_EXTERN EAPOLClientProfileRef
EAPOLClientProfileCreateWithDictAndProfileID(CFDictionaryRef dict,
CFStringRef profileID)
{
CFAllocatorRef alloc = CFGetAllocator(dict);
CFArrayRef accept_types;
CFDictionaryRef information;
CFStringRef domain = NULL;
CFDictionaryRef eap_config;
EAPOLClientProfileRef profile;
CFStringRef security_type = NULL;
CFStringRef user_defined_name;
CFDataRef ssid = NULL;
CFDictionaryRef wlan;
eap_config = CFDictionaryGetValue(dict,
kProfileKeyAuthenticationProperties);
if (isA_CFDictionary(eap_config) == NULL
|| CFDictionaryGetCount(eap_config) == 0) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: profile %@"
" missing/invalid %@ property"),
profileID, kProfileKeyAuthenticationProperties);
return (NULL);
}
accept_types = CFDictionaryGetValue(eap_config,
kEAPClientPropAcceptEAPTypes);
if (accept_types_valid(accept_types) == FALSE) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: profile %@"
" missing/invalid %@ property in %@"),
profileID, kEAPClientPropAcceptEAPTypes,
kProfileKeyAuthenticationProperties);
return (NULL);
}
wlan = CFDictionaryGetValue(dict, kProfileKeyWLAN);
if (wlan != NULL) {
if (isA_CFDictionary(wlan) == NULL) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: profile %@"
" invalid %@ property"),
profileID, kProfileKeyWLAN);
return (NULL);
}
ssid = CFDictionaryGetValue(wlan, kProfileKeyWLANSSID);
domain = CFDictionaryGetValue(wlan, kProfileKeyWLANDomain);
if (isA_CFData(ssid) == NULL && isA_CFString(domain) == NULL) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: profile %@"
" invalid/missing property (%@ or %@) in %@"),
profileID, kProfileKeyWLANSSID, kProfileKeyWLANDomain,
kProfileKeyWLAN);
return (NULL);
}
if (ssid != NULL) {
security_type = CFDictionaryGetValue(wlan,
kProfileKeyWLANSecurityType);
if (isA_CFString(security_type) == NULL) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: profile %@"
" invalid/missing %@ property in %@"),
profileID, kProfileKeyWLANSecurityType, kProfileKeyWLAN);
return (NULL);
}
}
}
user_defined_name = CFDictionaryGetValue(dict, kProfileKeyUserDefinedName);
if (user_defined_name != NULL && isA_CFString(user_defined_name) == NULL) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: profile %@"
" invalid %@ property"),
profileID, kProfileKeyUserDefinedName);
return (NULL);
}
information = CFDictionaryGetValue(dict, kProfileKeyInformation);
if (information != NULL && isA_CFDictionary(information) == NULL) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: profile %@"
" invalid %@ property"),
profileID, kProfileKeyInformation);
return (NULL);
}
/* allocate/set an EAPOLClientProfileRef */
profile = __EAPOLClientProfileAllocate(alloc);
if (profile == NULL) {
return (NULL);
}
profile->uuid = CFRetain(profileID);
EAPOLClientProfileSetUserDefinedName(profile, user_defined_name);
EAPOLClientProfileSetAuthenticationProperties(profile, eap_config);
if (ssid != NULL) {
EAPOLClientProfileSetWLANSSIDAndSecurityType(profile, ssid,
security_type);
}
else if (domain != NULL) {
EAPOLClientProfileSetWLANDomain(profile, domain);
}
if (information != NULL) {
profile->information
= CFDictionaryCreateMutableCopy(NULL, 0, information);
}
return (profile);
}
PRIVATE_EXTERN CFMutableDictionaryRef
EAPOLClientProfileCreateDictAndProfileID(EAPOLClientProfileRef profile,
CFStringRef * ret_profileID)
{
CFArrayRef accept_types = NULL;
CFMutableDictionaryRef dict;
if (profile->auth_props != NULL) {
accept_types = CFDictionaryGetValue(profile->auth_props,
kEAPClientPropAcceptEAPTypes);
}
if (accept_types_valid(accept_types) == FALSE) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("EAPOLClientConfiguration: profile %@"
" missing/invalid AuthenticationProperties"),
EAPOLClientProfileGetID(profile));
return (NULL);
}
dict = CFDictionaryCreateMutable(NULL, 0,
&kCFTypeDictionaryKeyCallBacks,
&kCFTypeDictionaryValueCallBacks);
if (ret_profileID != NULL) {
*ret_profileID = CFRetain(profile->uuid);
}
CFDictionarySetValue(dict,
kProfileKeyAuthenticationProperties,
profile->auth_props);
if (profile->user_defined_name != NULL) {
CFDictionarySetValue(dict,
kProfileKeyUserDefinedName,
profile->user_defined_name);
}
if (profile->information != NULL
&& CFDictionaryGetCount(profile->information) != 0) {
CFDictionarySetValue(dict,
kProfileKeyInformation,
profile->information);
}
if (profile->WLAN.ssid != NULL || profile->WLAN.domain != NULL) {
int count;
const void * keys[2];
CFDictionaryRef WLAN;
const void * values[2];
if (profile->WLAN.ssid != NULL) {
keys[0] = kProfileKeyWLANSSID;
values[0] = profile->WLAN.ssid;
keys[1] = kProfileKeyWLANSecurityType;
values[1] = profile->WLAN.security_type;
count = 2;
}
else {
keys[0] = kProfileKeyWLANDomain;
values[0] = profile->WLAN.domain;
count = 1;
}
WLAN = CFDictionaryCreate(NULL, keys, values, count,
&kCFTypeDictionaryKeyCallBacks,
&kCFTypeDictionaryValueCallBacks);
CFDictionarySetValue(dict, kProfileKeyWLAN, WLAN);
CFRelease(WLAN);
}
return (dict);
}
