TLS: Add support for tls_get_version()

This allows wpa_supplicant to return eap_tls_version STATUS information
when using the internal TLS client implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>

3 files changed, 31 insertions, 1 deletions

diff --git a/src/crypto/tls_internal.c b/src/crypto/tls_internal.c
index b91f181..ff773fe 100644
--- a/src/crypto/tls_internal.c
+++ b/src/crypto/tls_internal.c
@@ -635,7 +635,12 @@ int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn,
 int tls_get_version(void *ssl_ctx, struct tls_connection *conn,
 		    char *buf, size_t buflen)
 {
-	/* TODO */
+	if (conn == NULL)
+		return -1;
+#ifdef CONFIG_TLS_INTERNAL_CLIENT
+	if (conn->client)
+		return tlsv1_client_get_version(conn->client, buf, buflen);
+#endif /* CONFIG_TLS_INTERNAL_CLIENT */
 	return -1;
 }
 
diff --git a/src/tls/tlsv1_client.c b/src/tls/tlsv1_client.c
index 49ebf2f..26f055c 100644
--- a/src/tls/tlsv1_client.c
+++ b/src/tls/tlsv1_client.c
@@ -838,3 +838,26 @@ void tlsv1_client_set_cb(struct tlsv1_client *conn,
 	conn->cb_ctx = cb_ctx;
 	conn->cert_in_cb = !!cert_in_cb;
 }
+
+
+int tlsv1_client_get_version(struct tlsv1_client *conn, char *buf,
+			     size_t buflen)
+{
+	if (!conn)
+		return -1;
+	switch (conn->rl.tls_version) {
+	case TLS_VERSION_1:
+		os_strlcpy(buf, "TLSv1", buflen);
+		break;
+	case TLS_VERSION_1_1:
+		os_strlcpy(buf, "TLSv1.1", buflen);
+		break;
+	case TLS_VERSION_1_2:
+		os_strlcpy(buf, "TLSv1.2", buflen);
+		break;
+	default:
+		return -1;
+	}
+
+	return 0;
+}
diff --git a/src/tls/tlsv1_client.h b/src/tls/tlsv1_client.h
index bbfb8bd..95bd545 100644
--- a/src/tls/tlsv1_client.h
+++ b/src/tls/tlsv1_client.h
@@ -56,5 +56,7 @@ void tlsv1_client_set_cb(struct tlsv1_client *conn,
 					  union tls_event_data *data),
 			 void *cb_ctx,
 			 int cert_in_cb);
+int tlsv1_client_get_version(struct tlsv1_client *conn, char *buf,
+			     size_t buflen);
 
 #endif /* TLSV1_CLIENT_H */