aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server/eap_tls_common.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2008-05-28 14:15:17 (GMT)
committerJouni Malinen <j@w1.fi>2008-05-28 14:15:17 (GMT)
commitcda97d11bb4a0fe73b090b852d48e670ad220ab4 (patch)
tree58e4d0b51f93aadc0b40917c0a397ac2d4692579 /src/eap_server/eap_tls_common.c
parent3c724cc564911f9ef217f24dac1fa2b2d8f7d31c (diff)
downloadhostap-06-cda97d11bb4a0fe73b090b852d48e670ad220ab4.zip
hostap-06-cda97d11bb4a0fe73b090b852d48e670ad220ab4.tar.gz
hostap-06-cda97d11bb4a0fe73b090b852d48e670ad220ab4.tar.bz2
Share EAP-TLS/PEAP/TTLS/FAST core process() functionality
Move the basic processing of received frames into eap_tls_common.c and use callback functions to handle EAP type specific processing of the version field and payload.
Diffstat (limited to 'src/eap_server/eap_tls_common.c')
-rw-r--r--src/eap_server/eap_tls_common.c53
1 files changed, 50 insertions, 3 deletions
diff --git a/src/eap_server/eap_tls_common.c b/src/eap_server/eap_tls_common.c
index 894b27f..4f91ee7 100644
--- a/src/eap_server/eap_tls_common.c
+++ b/src/eap_server/eap_tls_common.c
@@ -263,8 +263,8 @@ int eap_server_tls_phase1(struct eap_sm *sm, struct eap_ssl_data *data)
}
-int eap_server_tls_reassemble(struct eap_ssl_data *data, u8 flags,
- const u8 **pos, size_t *left)
+static int eap_server_tls_reassemble(struct eap_ssl_data *data, u8 flags,
+ const u8 **pos, size_t *left)
{
unsigned int tls_msg_len = 0;
const u8 *end = *pos + *left;
@@ -323,7 +323,7 @@ int eap_server_tls_reassemble(struct eap_ssl_data *data, u8 flags,
}
-void eap_server_tls_free_in_buf(struct eap_ssl_data *data)
+static void eap_server_tls_free_in_buf(struct eap_ssl_data *data)
{
if (data->in_buf != &data->tmpbuf)
wpabuf_free(data->in_buf);
@@ -355,3 +355,50 @@ struct wpabuf * eap_server_tls_encrypt(struct eap_sm *sm,
return buf;
}
+
+
+int eap_server_tls_process(struct eap_sm *sm, struct eap_ssl_data *data,
+ struct wpabuf *respData, void *priv, int eap_type,
+ int (*proc_version)(struct eap_sm *sm, void *priv,
+ int peer_version),
+ void (*proc_msg)(struct eap_sm *sm, void *priv,
+ const struct wpabuf *respData))
+{
+ const u8 *pos;
+ u8 flags;
+ size_t left;
+ int ret, res = 0;
+
+ pos = eap_hdr_validate(EAP_VENDOR_IETF, eap_type, respData, &left);
+ if (pos == NULL || left < 1)
+ return 0; /* Should not happen - frame already validated */
+ flags = *pos++;
+ left--;
+ wpa_printf(MSG_DEBUG, "SSL: Received packet(len=%lu) - Flags 0x%02x",
+ (unsigned long) wpabuf_len(respData), flags);
+
+ if (proc_version &&
+ proc_version(sm, priv, flags & EAP_TLS_VERSION_MASK) < 0)
+ return -1;
+
+ ret = eap_server_tls_reassemble(data, flags, &pos, &left);
+ if (ret < 0) {
+ res = -1;
+ goto done;
+ } else if (ret == 1)
+ return 0;
+
+ if (proc_msg)
+ proc_msg(sm, priv, respData);
+
+ if (tls_connection_get_write_alerts(sm->ssl_ctx, data->conn) > 1) {
+ wpa_printf(MSG_INFO, "SSL: Locally detected fatal error in "
+ "TLS processing");
+ res = -1;
+ }
+
+done:
+ eap_server_tls_free_in_buf(data);
+
+ return res;
+}