authorRene Mayrhofer <rene@mayrhofer.eu.org>2008-10-29 11:11:01 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2008-10-29 11:11:01 +0000
commit8b80ab5a6950ce6515f477624794defd7531642a (patch)
treeaa8303f3806c5615fbeafc4dc82febe3cd7c24dc /src/charon/plugins/eap_sim
parentdb67c87db3c9089ea8d2e14f617bf3d9e2af261f (diff)
downloadvyos-strongswan-8b80ab5a6950ce6515f477624794defd7531642a.tar.gz
vyos-strongswan-8b80ab5a6950ce6515f477624794defd7531642a.zip
[svn-upgrade] Integrating new upstream version, strongswan (4.2.8)
Diffstat (limited to 'src/charon/plugins/eap_sim')
-rw-r--r--src/charon/plugins/eap_sim/Makefile.am8
-rw-r--r--src/charon/plugins/eap_sim/Makefile.in27
-rw-r--r--src/charon/plugins/eap_sim/eap_sim.c171
-rw-r--r--src/charon/plugins/eap_sim/eap_sim.h56
-rw-r--r--src/charon/plugins/eap_sim/eap_sim_file.c283
-rw-r--r--src/charon/plugins/eap_sim/eap_sim_plugin.h4
6 files changed, 104 insertions, 445 deletions
diff --git a/src/charon/plugins/eap_sim/Makefile.am b/src/charon/plugins/eap_sim/Makefile.am
index 63267b9d3..6cb53ebb5 100644
--- a/src/charon/plugins/eap_sim/Makefile.am
+++ b/src/charon/plugins/eap_sim/Makefile.am
@@ -3,11 +3,9 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DSIM_READER_LIB=\"${simreader}\"
-plugin_LTLIBRARIES = libstrongswan-eapsim.la libeapsim-file.la
+plugin_LTLIBRARIES = libstrongswan-eapsim.la
-libstrongswan_eapsim_la_SOURCES = eap_sim_plugin.h eap_sim_plugin.c eap_sim.h eap_sim.c
+libstrongswan_eapsim_la_SOURCES = eap_sim.h eap_sim.c \
+ eap_sim_plugin.h eap_sim_plugin.c
libstrongswan_eapsim_la_LDFLAGS = -module
-libeapsim_file_la_SOURCES = eap_sim_file.c
-libeapsim_file_la_LDFLAGS = -module
-
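Review bot: `AM_CFLAGS` in the context line of this hunk still passes `-DSIM_READER_LIB=\"${simreader}\"`, although this commit drops `libeapsim-file.la`, and in eap_sim.c and eap_sim.h it removes the dlopen() of that library and the `#error` that required the define. If nothing else in the plugin reads it (eap_sim_plugin.c is not shown), the line should become `AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\"`. A leftover path to a loadable module suggests to a later reader that it is still honoured. The generated Makefile.in carries the same line.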
diff --git a/src/charon/plugins/eap_sim/Makefile.in b/src/charon/plugins/eap_sim/Makefile.in
index e70f8457c..cc5409952 100644
--- a/src/charon/plugins/eap_sim/Makefile.in
+++ b/src/charon/plugins/eap_sim/Makefile.in
@@ -49,14 +49,8 @@ am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
am__installdirs = "$(DESTDIR)$(plugindir)"
pluginLTLIBRARIES_INSTALL = $(INSTALL)
LTLIBRARIES = $(plugin_LTLIBRARIES)
-libeapsim_file_la_LIBADD =
-am_libeapsim_file_la_OBJECTS = eap_sim_file.lo
-libeapsim_file_la_OBJECTS = $(am_libeapsim_file_la_OBJECTS)
-libeapsim_file_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
- $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
- $(libeapsim_file_la_LDFLAGS) $(LDFLAGS) -o $@
libstrongswan_eapsim_la_LIBADD =
-am_libstrongswan_eapsim_la_OBJECTS = eap_sim_plugin.lo eap_sim.lo
+am_libstrongswan_eapsim_la_OBJECTS = eap_sim.lo eap_sim_plugin.lo
libstrongswan_eapsim_la_OBJECTS = \
$(am_libstrongswan_eapsim_la_OBJECTS)
libstrongswan_eapsim_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
@@ -74,10 +68,8 @@ CCLD = $(CC)
LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
$(LDFLAGS) -o $@
-SOURCES = $(libeapsim_file_la_SOURCES) \
- $(libstrongswan_eapsim_la_SOURCES)
-DIST_SOURCES = $(libeapsim_file_la_SOURCES) \
- $(libstrongswan_eapsim_la_SOURCES)
+SOURCES = $(libstrongswan_eapsim_la_SOURCES)
+DIST_SOURCES = $(libstrongswan_eapsim_la_SOURCES)
ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
@@ -196,6 +188,8 @@ localedir = @localedir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
oldincludedir = @oldincludedir@
pdfdir = @pdfdir@
piddir = @piddir@
@@ -217,11 +211,11 @@ xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${confdir}\" -DSIM_READER_LIB=\"${simreader}\"
-plugin_LTLIBRARIES = libstrongswan-eapsim.la libeapsim-file.la
-libstrongswan_eapsim_la_SOURCES = eap_sim_plugin.h eap_sim_plugin.c eap_sim.h eap_sim.c
+plugin_LTLIBRARIES = libstrongswan-eapsim.la
+libstrongswan_eapsim_la_SOURCES = eap_sim.h eap_sim.c \
+ eap_sim_plugin.h eap_sim_plugin.c
+
libstrongswan_eapsim_la_LDFLAGS = -module
-libeapsim_file_la_SOURCES = eap_sim_file.c
-libeapsim_file_la_LDFLAGS = -module
all: all-am
.SUFFIXES:
@@ -282,8 +276,6 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libeapsim-file.la: $(libeapsim_file_la_OBJECTS) $(libeapsim_file_la_DEPENDENCIES)
- $(libeapsim_file_la_LINK) -rpath $(plugindir) $(libeapsim_file_la_OBJECTS) $(libeapsim_file_la_LIBADD) $(LIBS)
libstrongswan-eapsim.la: $(libstrongswan_eapsim_la_OBJECTS) $(libstrongswan_eapsim_la_DEPENDENCIES)
$(libstrongswan_eapsim_la_LINK) -rpath $(plugindir) $(libstrongswan_eapsim_la_OBJECTS) $(libstrongswan_eapsim_la_LIBADD) $(LIBS)
@@ -294,7 +286,6 @@ distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eap_sim.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eap_sim_file.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eap_sim_plugin.Plo@am__quote@
.c.o:
diff --git a/src/charon/plugins/eap_sim/eap_sim.c b/src/charon/plugins/eap_sim/eap_sim.c
index b14076f34..8b9434716 100644
--- a/src/charon/plugins/eap_sim/eap_sim.c
+++ b/src/charon/plugins/eap_sim/eap_sim.c
@@ -12,7 +12,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: eap_sim.c 3806 2008-04-15 05:56:35Z martin $
+ * $Id: eap_sim.c 4406 2008-10-10 08:36:01Z martin $
*/
#include "eap_sim.h"
@@ -150,21 +150,6 @@ struct private_eap_sim_t {
signer_t *signer;
/**
- * SIM cardreader function loaded from library
- */
- sim_algo_t alg;
-
- /**
- * libraries get_triplet() function returning a triplet
- */
- sim_get_triplet_t get_triplet;
-
- /**
- * handle of the loaded library
- */
- void *handle;
-
- /**
* how many times we try to authenticate
*/
int tries;
@@ -215,7 +200,7 @@ struct private_eap_sim_t {
chunk_t msk;
/**
- * EMSK, extendes MSK for further uses
+ * EMSK, extended MSK for further uses
*/
chunk_t emsk;
};
@@ -557,6 +542,41 @@ static void derive_keys(private_eap_sim_t *this, chunk_t kcs)
}
/**
+ * Read a triplet from the SIM card
+ */
+static bool get_card_triplet(private_eap_sim_t *this,
+ char *rand, char *sres, char *kc)
+{
+ enumerator_t *enumerator;
+ sim_card_t *card = NULL, *current;
+ id_match_t match, best = ID_MATCH_NONE;
+ bool success = FALSE;
+
+ /* find the best matching SIM */
+ enumerator = charon->sim->create_card_enumerator(charon->sim);
+ while (enumerator->enumerate(enumerator, &current))
+ {
+ match = this->peer->matches(this->peer, current->get_imsi(current));
+ if (match > best)
+ {
+ card = current;
+ best = match;
+ break;
+ }
+ }
+ if (card)
+ {
+ success = card->get_triplet(card, rand, sres, kc);
+ }
+ enumerator->destroy(enumerator);
+ if (!card)
+ {
+ DBG1(DBG_IKE, "no SIM card found matching '%D'", this->peer);
+ }
+ return success;
+}
+
+/**
* process an EAP-SIM/Request/Challenge message
*/
static status_t peer_process_challenge(private_eap_sim_t *this,
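Review bot: The `break;` inside `if (match > best)` in get_card_triplet() ends the search at the first card whose IMSI matches at all, so the loop never does what its comment `/* find the best matching SIM */` says. Assuming id_match_t has more than one level above `ID_MATCH_NONE`, a card that matches only weakly would be used even when an exact match is enumerated later, and the triplet would then come from the wrong SIM. Remove the `break;` so that `best` keeps being compared, or, if first match is intended, change the comment to `/* use the first SIM whose IMSI matches the peer identity */`.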
@@ -649,11 +669,9 @@ static status_t peer_process_challenge(private_eap_sim_t *this,
/* get two or three KCs/SRESes from SIM using RANDs */
kcs = kc = chunk_alloca(rands.len / 2);
sreses = sres = chunk_alloca(rands.len / 4);
- while (rands.len > 0)
- {
- int kc_len = kc.len, sres_len = sres.len;
-
- if (this->alg(rands.ptr, RAND_LEN, sres.ptr, &sres_len, kc.ptr, &kc_len))
+ while (rands.len >= RAND_LEN)
+ {
+ if (!get_card_triplet(this, rands.ptr, sres.ptr, kc.ptr))
{
DBG1(DBG_IKE, "unable to get EAP-SIM triplet");
*out = build_payload(this, identifier, SIM_CLIENT_ERROR,
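Review bot: The Kc and SRES buffers are sized from `rands.len` (`rands.len / 2` and `rands.len / 4`) while the new loop consumes whole `RAND_LEN` blocks only, so a RAND attribute whose length is not a multiple of `RAND_LEN` leaves an unwritten tail in `kcs` and `sreses` that is still counted in their lengths. Whether `rands.len` is validated earlier in peer_process_challenge() is not visible, because the function starts and ends outside the hunk. If it is not, reject the message before the allocation with a check such as `if (rands.len == 0 || rands.len % RAND_LEN)`, handled like the other malformed-challenge cases in this function.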
@@ -662,9 +680,9 @@ static status_t peer_process_challenge(private_eap_sim_t *this,
return NEED_MORE;
}
DBG3(DBG_IKE, "got triplet for RAND %b\n Kc %b\n SRES %b",
- rands.ptr, RAND_LEN, sres.ptr, sres_len, kc.ptr, kc_len);
- kc = chunk_skip(kc, kc_len);
- sres = chunk_skip(sres, sres_len);
+ rands.ptr, RAND_LEN, sres.ptr, SRES_LEN, kc.ptr, KC_LEN);
+ kc = chunk_skip(kc, KC_LEN);
+ sres = chunk_skip(sres, SRES_LEN);
rands = chunk_skip(rands, RAND_LEN);
}
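Review bot: The `DBG3` call prints Kc and SRES for every triplet, which is the secret output of the SIM, whereas the triplet dump in the eap_sim_file.c removed by this commit used `DBG4` for the same material. If level 4 is where this project keeps key material, as that removed line suggests, the call should start `DBG4(DBG_IKE, "got triplet for RAND %b\n Kc %b\n SRES %b",` so that a level-3 log does not contain it. The enclosing loop and function continue outside the hunk.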
@@ -737,6 +755,32 @@ static status_t server_process_challenge(private_eap_sim_t *this,
}
/**
+ * Fetch a triplet from a provider
+ */
+static bool get_provider_triplet(private_eap_sim_t *this,
+ char *rand, char *sres, char *kc)
+{
+ enumerator_t *enumerator;
+ sim_provider_t *provider;
+ int tried = 0;
+
+ enumerator = charon->sim->create_provider_enumerator(charon->sim);
+ while (enumerator->enumerate(enumerator, &provider))
+ {
+ if (provider->get_triplet(provider, this->peer, rand, sres, kc))
+ {
+ enumerator->destroy(enumerator);
+ return TRUE;
+ }
+ tried++;
+ }
+ enumerator->destroy(enumerator);
+ DBG1(DBG_IKE, "tried %d SIM providers, but none had a triplet for '%D'",
+ tried, this->peer);
+ return FALSE;
+}
+
+/**
* process an EAP-SIM/Response/Start message
*/
static status_t server_process_start(private_eap_sim_t *this,
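Review bot: get_provider_triplet() takes `rand`, `sres` and `kc` as bare `char *` with no lengths, unlike the `sim_get_triplet_t` interface it replaces, and its doc comment does not say how large the buffers must be. The caller in server_process_start() advances by `RAND_LEN`, `SRES_LEN` and `KC_LEN`, so the comment should state that contract: `@param rand buffer of RAND_LEN bytes, filled by the provider`, the same for `sres` (SRES_LEN) and `kc` (KC_LEN), and `@return TRUE if a provider supplied a triplet`. get_card_triplet() earlier in this file has the same gap, with `rand` as the input there.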
@@ -746,9 +790,8 @@ static status_t server_process_start(private_eap_sim_t *this,
sim_attribute_t attribute;
bool supported = FALSE;
chunk_t rands, rand, kcs, kc, sreses, sres;
- char id[64];
- int len, i, rand_len, kc_len, sres_len;
-
+ int i;
+
message = in->get_data(in);
read_header(&message);
@@ -779,11 +822,6 @@ static status_t server_process_start(private_eap_sim_t *this,
DBG1(DBG_IKE, "received incomplete EAP-SIM/Response/Start");
return FAILED;
}
- len = snprintf(id, sizeof(id), "%D", this->peer);
- if (len > sizeof(id) || len < 0)
- {
- return FAILED;
- }
/* read triplets from provider */
rand = rands = chunk_alloca(RAND_LEN * TRIPLET_COUNT);
@@ -794,21 +832,17 @@ static status_t server_process_start(private_eap_sim_t *this,
sreses.len = 0;
for (i = 0; i < TRIPLET_COUNT; i++)
{
- rand_len = RAND_LEN;
- kc_len = KC_LEN;
- sres_len = SRES_LEN;
- if (this->get_triplet(id, rand.ptr, &rand_len, sres.ptr, &sres_len,
- kc.ptr, &kc_len))
+ if (!get_provider_triplet(this, rand.ptr, sres.ptr, kc.ptr))
{
DBG1(DBG_IKE, "getting EAP-SIM triplet %d failed", i);
return FAILED;
}
- rands.len += rand_len;
- kcs.len += kc_len;
- sreses.len += sres_len;
- rand = chunk_skip(rand, rand_len);
- kc = chunk_skip(kc, kc_len);
- sres = chunk_skip(sres, sres_len);
+ rands.len += RAND_LEN;
+ sreses.len += SRES_LEN;
+ kcs.len += KC_LEN;
+ rand = chunk_skip(rand, RAND_LEN);
+ sres = chunk_skip(sres, SRES_LEN);
+ kc = chunk_skip(kc, KC_LEN);
}
derive_keys(this, kcs);
@@ -1016,7 +1050,8 @@ static bool is_mutual(private_eap_sim_t *this)
*/
static void destroy(private_eap_sim_t *this)
{
- dlclose(this->handle);
+ this->peer->destroy(this->peer);
+ this->peer->destroy(this->peer);
DESTROY_IF(this->hasher);
DESTROY_IF(this->prf);
DESTROY_IF(this->signer);
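Review bot: `this->peer->destroy(this->peer);` is added twice in destroy(), but the constructor in this commit clones the identity only once (`this->peer = peer->clone(peer);`). The second call therefore runs on an already destroyed object, which is a double free or use after free whenever an EAP-SIM method instance is torn down. Keep a single `this->peer->destroy(this->peer);`. The rest of destroy() continues outside the hunk.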
@@ -1036,17 +1071,12 @@ static void destroy(private_eap_sim_t *this)
eap_sim_t *eap_sim_create_generic(eap_role_t role, identification_t *server,
identification_t *peer)
{
- private_eap_sim_t *this;
+ private_eap_sim_t *this = malloc_thing(private_eap_sim_t);
rng_t *rng;
- void *symbol;
- char *name;
-
- this = malloc_thing(private_eap_sim_t);
- this->alg = NULL;
- this->get_triplet = NULL;
+
this->nonce = chunk_empty;
this->sreses = chunk_empty;
- this->peer = peer;
+ this->peer = peer->clone(peer);
this->tries = MAX_TRIES;
this->version.ptr = version;
this->version.len = sizeof(version);
@@ -1055,48 +1085,21 @@ eap_sim_t *eap_sim_create_generic(eap_role_t role, identification_t *server,
this->k_encr = chunk_empty;
this->msk = chunk_empty;
this->emsk = chunk_empty;
- this->identifier = random();
+ /* generate a non-zero identifier */
+ do {
+ this->identifier = random();
+ } while (!this->identifier);
- this->handle = dlopen(SIM_READER_LIB, RTLD_LAZY);
- if (this->handle == NULL)
- {
- DBG1(DBG_IKE, "unable to open SIM reader '%s'", SIM_READER_LIB);
- free(this);
- return NULL;
- }
- switch (role)
- {
- case EAP_PEER:
- name = SIM_READER_ALG;
- break;
- case EAP_SERVER:
- name = SIM_READER_GET_TRIPLET;
- break;
- default:
- free(this);
- return NULL;
- }
- symbol = dlsym(this->handle, name);
- if (symbol == NULL)
- {
- DBG1(DBG_IKE, "unable to open SIM function '%s' in '%s'",
- name, SIM_READER_LIB);
- dlclose(this->handle);
- free(this);
- return NULL;
- }
switch (role)
{
case EAP_SERVER:
this->public.eap_method_interface.initiate = (status_t(*)(eap_method_t*,eap_payload_t**))server_initiate;
this->public.eap_method_interface.process = (status_t(*)(eap_method_t*,eap_payload_t*,eap_payload_t**))server_process;
- this->get_triplet = symbol;
this->type = EAP_REQUEST;
break;
case EAP_PEER:
this->public.eap_method_interface.initiate = (status_t(*)(eap_method_t*,eap_payload_t**))peer_initiate;
this->public.eap_method_interface.process = (status_t(*)(eap_method_t*,eap_payload_t*,eap_payload_t**))peer_process;
- this->alg = symbol;
this->type = EAP_RESPONSE;
rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
if (!rng)
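Review bot: The `if (!rng)` branch at the end of this hunk continues outside it, and `this->peer` is now a clone made earlier in eap_sim_create_generic() rather than a borrowed pointer. If that branch, or any later failure path, still releases the object with a bare `free(this)`, the cloned identity leaks on every failed construction. Add `this->peer->destroy(this->peer);` before the `free(this)` on those paths. The commit also removes the earlier `switch (role)` whose `default:` rejected unknown roles, so it is worth confirming that the remaining switch still does so.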
diff --git a/src/charon/plugins/eap_sim/eap_sim.h b/src/charon/plugins/eap_sim/eap_sim.h
index 65020aa64..ec061b6f4 100644
--- a/src/charon/plugins/eap_sim/eap_sim.h
+++ b/src/charon/plugins/eap_sim/eap_sim.h
@@ -25,62 +25,12 @@ typedef struct eap_sim_t eap_sim_t;
#include <sa/authenticators/eap/eap_method.h>
-/** the library containing with the triplet functions */
-#ifndef SIM_READER_LIB
-#error SIM_READER_LIB not specified, use --with-sim-reader option
-#endif /* SIM_READER_LIB */
-
-/**
- * Cardreaders SIM function.
- *
- * @param rand RAND to run algo with
- * @param rand_length length of value in rand
- * @param sres buffer to get SRES
- * @param sres_length size of buffer in sres, returns bytes written to SRES
- * @param kc buffer to get Kc
- * @param kc_length size of buffer in Kc, returns bytes written to Kc
- * @return zero on success
- */
-typedef int (*sim_algo_t)(const unsigned char *rand, int rand_length,
- unsigned char *sres, int *sres_length,
- unsigned char *kc, int *kc_length);
-
-#ifndef SIM_READER_ALG
-/** the SIM_READER_LIB's algorithm, uses sim_algo_t signature */
-#define SIM_READER_ALG "sim_run_alg"
-#endif /* SIM_READER_ALG */
-
-/**
- * Function to get a SIM triplet.
- *
- * @param identity identity (imsi) to get a triplet for
- * @param rand buffer to get RAND
- * @param rand_length size of buffer in rand, returns bytes written to RAND
- * @param sres buffer to get SRES
- * @param sres_length size of buffer in sres, returns bytes written to SRES
- * @param kc buffer to get Kc
- * @param kc_length size of buffer in Kc, returns bytes written to Kc
- * @return zero on success
- */
-typedef int (*sim_get_triplet_t)(char *identity,
- unsigned char *rand, int *rand_length,
- unsigned char *sres, int *sres_length,
- unsigned char *kc, int *kc_length);
-
-#ifndef SIM_READER_GET_TRIPLET
-/** the SIM_READER_LIB's get-triplet function, uses sim_get_triplet_t signature */
-#define SIM_READER_GET_TRIPLET "sim_get_triplet"
-#endif /* SIM_READER_GET_TRIPLET */
-
/**
* Implementation of the eap_method_t interface using EAP-SIM.
*
- * This EAP-SIM client implementation uses another pluggable library to
- * access the SIM card/triplet provider. This module is specified using the
- * SIM_READER_LIB definition. It has to privde a sim_run_alg() function to
- * calculate a triplet (client), and/or a sim_get_triplet() function to get
- * a triplet (server). These functions are named to the SIM_READER_ALG and
- * the SIM_READER_GET_TRIPLET definitions.
+ * This EAP-SIM client implementation handles the protocol level of EAP-SIM
+ * only, it does not provide triplet calculation/fetching. Other plugins may
+ * provide these services using the sim_manager_t of charon.
*/
struct eap_sim_t {
diff --git a/src/charon/plugins/eap_sim/eap_sim_file.c b/src/charon/plugins/eap_sim/eap_sim_file.c
deleted file mode 100644
index fc4c1af26..000000000
--- a/src/charon/plugins/eap_sim/eap_sim_file.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/*
- * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- *
- * $Id: eap_sim_file.c 3491 2008-02-22 14:04:00Z martin $
- */
-
-#include <string.h>
-#include <stdio.h>
-#include <errno.h>
-
-#include <daemon.h>
-
-#define IMSI_LEN 64
-#define RAND_LEN 16
-#define SRES_LEN 4
-#define KC_LEN 8
-
-typedef struct triplet_t triplet_t;
-
-struct triplet_t {
- unsigned char imsi[IMSI_LEN];
- unsigned char rand[RAND_LEN];
- unsigned char sres[SRES_LEN];
- unsigned char kc[KC_LEN];
-};
-
-static triplet_t *triplets = NULL;
-static int triplet_count = 0;
-
-#define TRIPLET_FILE IPSEC_CONFDIR "/ipsec.d/triplets.dat"
-
-/**
- * convert a single HEX char to its integer value
- */
-static int hexchr(char chr)
-{
- switch (chr)
- {
- case '0'...'9':
- return chr - '0';
- case 'A'...'F':
- return 10 + chr - 'A';
- case 'a'...'f':
- return 10 + chr - 'a';
- }
- return 0;
-}
-
-/**
- * convert a HEX string into a char array bin, limited by array length len
- */
-static void hex2bin(char *hex, unsigned char *bin, size_t len)
-{
- char *pos;
- int i, even = 1;
-
- pos = hex - 1;
- /* find the end, as we convert bottom up */
- while (TRUE)
- {
- switch (*(pos+1))
- {
- case '0'...'9':
- case 'A'...'F':
- case 'a'...'f':
- pos++;
- continue;
- }
- break;
- }
- /* convert two hex chars into a single bin byte */
- for (i = 0; pos >= hex && i < len; pos--)
- {
- if (even)
- {
- bin[len - 1 - i] = hexchr(*pos);
- }
- else
- {
- bin[len - 1 - i] |= 16 * hexchr(*pos);
- i++;
- }
- even = !even;
- }
-}
-
-/**
- * free up allocated triplets
- */
-static void __attribute__ ((destructor)) free_triplets()
-{
- free(triplets);
-}
-
-/**
- * read the triplets from the file, using freeradius triplet file syntax:
- * http://www.freeradius.org/radiusd/doc/rlm_sim_triplets
- */
-static void __attribute__ ((constructor)) read_triplets()
-{
- char line[512], *data[4], *pos;
- FILE *file;
- int i, nr = 0;
- triplet_t *triplet;
-
- file = fopen(TRIPLET_FILE, "r");
- if (file == NULL)
- {
- DBG1(DBG_CFG, "opening triplet file %s failed: %s",
- TRIPLET_FILE, strerror(errno));
- return;
- }
-
- if (triplets)
- {
- free(triplets);
- triplets = NULL;
- triplet_count = 0;
- }
-
- /* read line by line */
- while (fgets(line, sizeof(line), file))
- {
- nr++;
- /* skip comments, empty lines */
- switch (line[0])
- {
- case '\n':
- case '\r':
- case '#':
- case '\0':
- continue;
- default:
- break;
- }
- /* read comma separated values */
- pos = line;
- for (i = 0; i < 4; i++)
- {
- data[i] = pos;
- pos = strchr(pos, ',');
- if (pos)
- {
- *pos = '\0';
- pos++;
- }
- else if (i != 3)
- {
- DBG1(DBG_CFG, "error in triplet file, line %d", nr);
- fclose(file);
- return;
- }
- }
- /* allocate new triplet */
- triplet_count++;
- triplets = realloc(triplets, triplet_count * sizeof(triplet_t));
- triplet = &triplets[triplet_count - 1];
- memset(triplet, 0, sizeof(triplet_t));
-
- /* convert/copy triplet data */
- for (i = 0; i < IMSI_LEN - 1; i++)
- {
- switch (data[0][i])
- {
- case '\n':
- case '\r':
- case '\0':
- break;
- default:
- triplet->imsi[i] = data[0][i];
- continue;
- }
- break;
- }
- hex2bin(data[1], triplet->rand, RAND_LEN);
- hex2bin(data[2], triplet->sres, SRES_LEN);
- hex2bin(data[3], triplet->kc, KC_LEN);
-
- DBG4(DBG_CFG, "triplet: imsi %b\nrand %b\nsres %b\nkc %b",
- triplet->imsi, IMSI_LEN, triplet->rand, RAND_LEN,
- triplet->sres, SRES_LEN, triplet->kc, KC_LEN);
- }
- fclose(file);
- DBG2(DBG_CFG, "read %d triplets from %s", triplet_count, TRIPLET_FILE);
-}
-
-/**
- * Run the sim algorithm, see eap_sim.h
- */
-int sim_run_alg(const unsigned char *rand, int rand_length,
- unsigned char *sres, int *sres_length,
- unsigned char *kc, int *kc_length)
-{
- int current;
-
- if (rand_length != RAND_LEN ||
- *sres_length < SRES_LEN ||
- *kc_length < KC_LEN)
- {
- return 1;
- }
-
- for (current = 0; current < triplet_count; current++)
- {
- if (memcmp(triplets[current].rand, rand, RAND_LEN) == 0)
- {
- memcpy(sres, triplets[current].sres, SRES_LEN);
- memcpy(kc, triplets[current].kc, KC_LEN);
- *sres_length = SRES_LEN;
- *kc_length = KC_LEN;
- return 0;
- }
- }
- return 2;
-}
-
-/**
- * Get a single triplet, see_eap_sim.h
- */
-int sim_get_triplet(char *imsi,
- unsigned char *rand, int *rand_length,
- unsigned char *sres, int *sres_length,
- unsigned char *kc, int *kc_length)
-{
- int current;
- triplet_t *triplet;
- static int skip = -1;
-
- DBG2(DBG_CFG, "getting triplet for %s", imsi);
-
- if (*rand_length < RAND_LEN ||
- *sres_length < SRES_LEN ||
- *kc_length < KC_LEN)
- {
- return 1;
- }
- if (triplet_count == 0)
- {
- return 2;
- }
- for (current = 0; current < triplet_count; current++)
- {
- triplet = &triplets[current];
-
- if (streq(imsi, triplet->imsi))
- {
- /* skip triplet if already used */
- if (skip >= current)
- {
- continue;
- }
- *rand_length = RAND_LEN;
- *sres_length = SRES_LEN;
- *kc_length = KC_LEN;
- memcpy(rand, triplet->rand, RAND_LEN);
- memcpy(sres, triplet->sres, SRES_LEN);
- memcpy(kc, triplet->kc, KC_LEN);
- /* remember used triplet */
- skip = current;
- return 0;
- }
- }
- if (skip > -1)
- {
- /* no triplet left, reuse triplets */
- skip = -1;
- return sim_get_triplet(imsi, rand, rand_length,
- sres, sres_length, kc, kc_length);
- }
- return 2;
-}
-
diff --git a/src/charon/plugins/eap_sim/eap_sim_plugin.h b/src/charon/plugins/eap_sim/eap_sim_plugin.h
index 938807884..13152358a 100644
--- a/src/charon/plugins/eap_sim/eap_sim_plugin.h
+++ b/src/charon/plugins/eap_sim/eap_sim_plugin.h
@@ -12,7 +12,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: eap_sim_plugin.h 3491 2008-02-22 14:04:00Z martin $
+ * $Id: eap_sim_plugin.h 4406 2008-10-10 08:36:01Z martin $
*/
/**
@@ -31,7 +31,7 @@
typedef struct eap_sim_plugin_t eap_sim_plugin_t;
/**
- * EAP-sim plugin
+ * EAP-SIM plugin.
*/
struct eap_sim_plugin_t {