aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2019-02-09 15:58:43 (GMT)
committerJouni Malinen <j@w1.fi>2019-02-09 23:43:50 (GMT)
commitf08ab18bf970b9ed2df3cb01536970284d40fb77 (patch)
treefd7db09d38ef615433bb24e4bd61a1372b8482a0 /src/tls
parentb642ab4062f6f936591835b127cab840d771faf7 (diff)
downloadhostap-f08ab18bf970b9ed2df3cb01536970284d40fb77.zip
hostap-f08ab18bf970b9ed2df3cb01536970284d40fb77.tar.gz
hostap-f08ab18bf970b9ed2df3cb01536970284d40fb77.tar.bz2
TLS server: Add internal callbacks get_failed, get_*_alerts
These can be used to implement cleaner termination of the handshake in case of failures. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/tlsv1_server.c20
-rw-r--r--src/tls/tlsv1_server.h4
-rw-r--r--src/tls/tlsv1_server_i.h2
3 files changed, 26 insertions, 0 deletions
diff --git a/src/tls/tlsv1_server.c b/src/tls/tlsv1_server.c
index 5406969..07840d4 100644
--- a/src/tls/tlsv1_server.c
+++ b/src/tls/tlsv1_server.c
@@ -204,6 +204,7 @@ failed:
msg = tlsv1_server_send_alert(conn, conn->alert_level,
conn->alert_description,
out_len);
+ conn->write_alerts++;
}
return msg;
@@ -296,6 +297,7 @@ int tlsv1_server_decrypt(struct tlsv1_server *conn,
}
tlsv1_server_log(conn, "Received alert %d:%d",
out_pos[0], out_pos[1]);
+ conn->read_alerts++;
if (out_pos[0] == TLS_ALERT_LEVEL_WARNING) {
/* Continue processing */
pos += used;
@@ -708,6 +710,24 @@ void tlsv1_server_set_log_cb(struct tlsv1_server *conn,
}
+int tlsv1_server_get_failed(struct tlsv1_server *conn)
+{
+ return conn->state == FAILED;
+}
+
+
+int tlsv1_server_get_read_alerts(struct tlsv1_server *conn)
+{
+ return conn->read_alerts;
+}
+
+
+int tlsv1_server_get_write_alerts(struct tlsv1_server *conn)
+{
+ return conn->write_alerts;
+}
+
+
#ifdef CONFIG_TESTING_OPTIONS
void tlsv1_server_set_test_flags(struct tlsv1_server *conn, u32 flags)
{
diff --git a/src/tls/tlsv1_server.h b/src/tls/tlsv1_server.h
index 10e7699..c3fd37e 100644
--- a/src/tls/tlsv1_server.h
+++ b/src/tls/tlsv1_server.h
@@ -48,6 +48,10 @@ void tlsv1_server_set_session_ticket_cb(struct tlsv1_server *conn,
void tlsv1_server_set_log_cb(struct tlsv1_server *conn,
void (*cb)(void *ctx, const char *msg), void *ctx);
+int tlsv1_server_get_failed(struct tlsv1_server *conn);
+int tlsv1_server_get_read_alerts(struct tlsv1_server *conn);
+int tlsv1_server_get_write_alerts(struct tlsv1_server *conn);
+
void tlsv1_server_set_test_flags(struct tlsv1_server *conn, u32 flags);
#endif /* TLSV1_SERVER_H */
diff --git a/src/tls/tlsv1_server_i.h b/src/tls/tlsv1_server_i.h
index 29c6678..2622585 100644
--- a/src/tls/tlsv1_server_i.h
+++ b/src/tls/tlsv1_server_i.h
@@ -30,6 +30,8 @@ struct tlsv1_server {
u8 alert_level;
u8 alert_description;
+ int read_alerts, write_alerts;
+
struct crypto_public_key *client_rsa_key;
struct tls_verify_hash verify;