diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2014-07-11 07:23:31 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2014-07-11 07:23:31 +0200 |
| commit | 81c63b0eed39432878f78727f60a1e7499645199 (patch) | |
| tree | 82387d8fecd1c20788fd8bd784a9b0bde091fb6b /src/libcharon/plugins/eap_tnc/eap_tnc.c | |
| parent | c5ebfc7b9c16551fe825dc1d79c3f7e2f096f6c9 (diff) | |
| download | vyos-strongswan-81c63b0eed39432878f78727f60a1e7499645199.tar.gz vyos-strongswan-81c63b0eed39432878f78727f60a1e7499645199.zip | |
Imported Upstream version 5.2.0
Diffstat (limited to 'src/libcharon/plugins/eap_tnc/eap_tnc.c')
| -rw-r--r-- | src/libcharon/plugins/eap_tnc/eap_tnc.c | 54 |
1 files changed, 37 insertions, 17 deletions
diff --git a/src/libcharon/plugins/eap_tnc/eap_tnc.c b/src/libcharon/plugins/eap_tnc/eap_tnc.c index 2147c0482..62d23d064 100644 --- a/src/libcharon/plugins/eap_tnc/eap_tnc.c +++ b/src/libcharon/plugins/eap_tnc/eap_tnc.c @@ -47,6 +47,11 @@ struct private_eap_tnc_t { eap_tnc_t public; /** + * Inner EAP authentication type + */ + eap_type_t type; + + /** * Outer EAP authentication type */ eap_type_t auth_type; @@ -124,7 +129,7 @@ METHOD(eap_method_t, initiate, status_t, private_eap_tnc_t *this, eap_payload_t **out) { chunk_t data; - u_int32_t auth_type; + uint32_t auth_type; /* Determine TNC Client Authentication Type */ switch (this->auth_type) @@ -175,10 +180,10 @@ METHOD(eap_method_t, process, status_t, } METHOD(eap_method_t, get_type, eap_type_t, - private_eap_tnc_t *this, u_int32_t *vendor) + private_eap_tnc_t *this, uint32_t *vendor) { *vendor = 0; - return EAP_TNC; + return this->type; } METHOD(eap_method_t, get_msk, status_t, @@ -192,14 +197,14 @@ METHOD(eap_method_t, get_msk, status_t, return FAILED; } -METHOD(eap_method_t, get_identifier, u_int8_t, +METHOD(eap_method_t, get_identifier, uint8_t, private_eap_tnc_t *this) { return this->tls_eap->get_identifier(this->tls_eap); } METHOD(eap_method_t, set_identifier, void, - private_eap_tnc_t *this, u_int8_t identifier) + private_eap_tnc_t *this, uint8_t identifier) { this->tls_eap->set_identifier(this->tls_eap, identifier); } @@ -214,7 +219,7 @@ METHOD(eap_method_t, destroy, void, private_eap_tnc_t *this) { chunk_t pdp_server; - u_int16_t pdp_port; + uint16_t pdp_port; tls_t *tls; pdp_server = this->tnccs->get_pdp_server(this->tnccs, &pdp_port); @@ -245,13 +250,14 @@ METHOD(eap_inner_method_t, set_auth_type, void, * Generic private constructor */ static eap_tnc_t *eap_tnc_create(identification_t *server, - identification_t *peer, bool is_server) + identification_t *peer, bool is_server, + eap_type_t type) { private_eap_tnc_t *this; int max_msg_count; char* protocol; tnccs_t *tnccs; - tnccs_type_t type; + tnccs_type_t tnccs_type; INIT(this, .public = { @@ -270,24 +276,25 @@ static eap_tnc_t *eap_tnc_create(identification_t *server, .set_auth_type = _set_auth_type, }, }, + .type = type, ); max_msg_count = lib->settings->get_int(lib->settings, "%s.plugins.eap-tnc.max_message_count", EAP_TNC_MAX_MESSAGE_COUNT, lib->ns); protocol = lib->settings->get_str(lib->settings, - "%s.plugins.eap-tnc.protocol", "tnccs-1.1", lib->ns); + "%s.plugins.eap-tnc.protocol", "tnccs-2.0", lib->ns); if (strcaseeq(protocol, "tnccs-2.0")) { - type = TNCCS_2_0; + tnccs_type = TNCCS_2_0; } else if (strcaseeq(protocol, "tnccs-1.1")) { - type = TNCCS_1_1; + tnccs_type = TNCCS_1_1; } else if (strcaseeq(protocol, "tnccs-dynamic") && is_server) { - type = TNCCS_DYNAMIC; + tnccs_type = TNCCS_DYNAMIC; } else { @@ -295,8 +302,9 @@ static eap_tnc_t *eap_tnc_create(identification_t *server, free(this); return NULL; } - tnccs = tnc->tnccs->create_instance(tnc->tnccs, type, - is_server, server, peer, TNC_IFT_EAP_1_1, + tnccs = tnc->tnccs->create_instance(tnc->tnccs, tnccs_type, + is_server, server, peer, + (type == EAP_TNC) ? TNC_IFT_EAP_1_1 : TNC_IFT_EAP_2_0, is_server ? enforce_recommendation : NULL); if (!tnccs) { @@ -305,7 +313,7 @@ static eap_tnc_t *eap_tnc_create(identification_t *server, return NULL; } this->tnccs = tnccs->get_ref(tnccs); - this->tls_eap = tls_eap_create(EAP_TNC, &tnccs->tls, + this->tls_eap = tls_eap_create(type, &tnccs->tls, EAP_TNC_MAX_MESSAGE_LEN, max_msg_count, FALSE); if (!this->tls_eap) @@ -319,11 +327,23 @@ static eap_tnc_t *eap_tnc_create(identification_t *server, eap_tnc_t *eap_tnc_create_server(identification_t *server, identification_t *peer) { - return eap_tnc_create(server, peer, TRUE); + return eap_tnc_create(server, peer, TRUE, EAP_TNC); } eap_tnc_t *eap_tnc_create_peer(identification_t *server, identification_t *peer) { - return eap_tnc_create(server, peer, FALSE); + return eap_tnc_create(server, peer, FALSE, EAP_TNC); +} + +eap_tnc_t *eap_tnc_pt_create_server(identification_t *server, + identification_t *peer) +{ + return eap_tnc_create(server, peer, TRUE, EAP_PT_EAP); +} + +eap_tnc_t *eap_tnc_pt_create_peer(identification_t *server, + identification_t *peer) +{ + return eap_tnc_create(server, peer, FALSE, EAP_PT_EAP); } |