2 * Copyright (C) 2010 Martin Willi, revosec AG
3 * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 #include "eap_ttls_peer.h"
18 #include "eap_ttls_server.h"
/** Forward declaration so the METHOD() bodies below can name the private type. */
typedef struct private_eap_ttls_t private_eap_ttls_t;

/**
 * Private data of an eap_ttls_t object.
 *
 * NOTE(review): the member declarations (and the closing brace) did not
 * survive in this listing; only the comment of the TLS member did. The methods
 * below dereference this->tls_eap and return &this->public.
 */
struct private_eap_ttls_t
{
	/**
	 * TLS stack, wrapped by EAP helper
	 */
/**
 * Maximum number of EAP-TTLS messages/fragments allowed.
 *
 * Default of the charon.plugins.eap-ttls.max_message_count setting; the value
 * read from the settings is handed to tls_eap_create() in eap_ttls_create().
 */
#define MAX_MESSAGE_COUNT 32
/**
 * Default size of a EAP-TTLS fragment.
 *
 * Default of the charon.plugins.eap-ttls.fragment_size setting; likewise
 * handed to tls_eap_create() in eap_ttls_create().
 */
#define MAX_FRAGMENT_LEN 1024
/**
 * Implementation of eap_method_t.initiate: start the exchange by asking the
 * wrapped TLS EAP helper for the first outbound fragment.
 *
 * @param this	private EAP-TTLS method
 * @param out	receives the EAP payload built from the helper's data
 *
 * NOTE(review): this listing is incomplete — the declaration of data, the
 * braces and the return statements are not visible here.
 */
METHOD(eap_method_t, initiate, status_t,
	private_eap_ttls_t *this, eap_payload_t **out)
	/* only a NEED_MORE from the helper yields an outbound payload */
	if (this->tls_eap->initiate(this->tls_eap, &data) == NEED_MORE)
		*out = eap_payload_create_data(data);
/**
 * Implementation of eap_method_t.process: feed the received EAP payload to
 * the wrapped TLS EAP helper and emit its response, if any.
 *
 * @param this	private EAP-TTLS method
 * @param in	EAP payload received from the remote end; it is passed to the
 *				helper without inspection here, so parsing and the
 *				fragment-size/message-count limits configured in
 *				eap_ttls_create() are presumably enforced inside tls_eap
 * @param out	receives the response payload when the helper asks for more
 *
 * NOTE(review): the declarations of data and status, the braces and the
 * return statement are not visible in this listing.
 */
METHOD(eap_method_t, process, status_t,
	private_eap_ttls_t *this, eap_payload_t *in, eap_payload_t **out)
	data = in->get_data(in);
	/* data serves as both the input chunk and the output chunk of the helper */
	status = this->tls_eap->process(this->tls_eap, data, &data);
	if (status == NEED_MORE)
		*out = eap_payload_create_data(data);
/**
 * Implementation of eap_method_t.get_type.
 *
 * @param this		private EAP-TTLS method
 * @param vendor	receives the vendor ID of the method type
 *
 * NOTE(review): the body is not visible in this listing. eap_ttls_create()
 * passes EAP_TTLS to tls_eap_create(), so EAP_TTLS is presumably the type
 * returned here — confirm against the full source.
 */
METHOD(eap_method_t, get_type, eap_type_t,
	private_eap_ttls_t *this, u_int32_t *vendor)
/**
 * Implementation of eap_method_t.get_msk: export the MSK derived by the
 * wrapped TLS EAP helper.
 *
 * @param this	private EAP-TTLS method
 * @param msk	receives the chunk returned by tls_eap->get_msk()
 *
 * NOTE(review): the braces and the returned status are not visible here; how
 * an empty MSK (no keying material available yet) is reported cannot be read
 * from this listing.
 */
METHOD(eap_method_t, get_msk, status_t,
	private_eap_ttls_t *this, chunk_t *msk)
	*msk = this->tls_eap->get_msk(this->tls_eap);
/**
 * Implementation of eap_method_t.get_identifier: forwards to the TLS EAP
 * helper, which tracks the current EAP identifier (see set_identifier).
 *
 * NOTE(review): the braces of the body are not visible in this listing.
 */
METHOD(eap_method_t, get_identifier, u_int8_t,
	private_eap_ttls_t *this)
	return this->tls_eap->get_identifier(this->tls_eap);
/**
 * Implementation of eap_method_t.set_identifier: forwards the identifier to
 * the TLS EAP helper, which keeps it (see get_identifier).
 *
 * @param this			private EAP-TTLS method
 * @param identifier	EAP identifier to use for the next message
 *
 * NOTE(review): the braces of the body are not visible in this listing.
 */
METHOD(eap_method_t, set_identifier, void,
	private_eap_ttls_t *this, u_int8_t identifier)
	this->tls_eap->set_identifier(this->tls_eap, identifier);
/**
 * Implementation of eap_method_t.is_mutual: reports whether this method
 * provides mutual authentication.
 *
 * NOTE(review): the body (the value returned) is not visible in this listing —
 * confirm against the full source.
 */
METHOD(eap_method_t, is_mutual, bool,
	private_eap_ttls_t *this)
/**
 * Implementation of eap_method_t.destroy: tear down the wrapped TLS EAP
 * helper (presumably taking the TLS stack and application with it).
 *
 * NOTE(review): the listing is cut after the tls_eap->destroy() call; the
 * release of this itself is not visible here.
 */
METHOD(eap_method_t, destroy, void,
	private_eap_ttls_t *this)
	this->tls_eap->destroy(this->tls_eap);
/**
 * Generic private constructor, shared by the server and peer variants below.
 *
 * @param server		identity of the server side
 * @param peer			identity of the peer side
 * @param is_server		TRUE to build the server-side method
 * @param application	tls_application_t created by eap_ttls_server_create()
 *						or eap_ttls_peer_create(); ownership passes to this
 *						function, which destroys it on the failure path visible
 *						below
 * @return				the public eap_ttls_t; the early-return path is not
 *						fully visible in this listing
 *
 * NOTE(review): this listing is incomplete: the local declarations of
 * frag_size/max_msg_count/include_length/tls, the INIT() wrapper and the
 * .process/.get_msk/.destroy initializers, the body of the
 * request_peer_auth branch, the trailing arguments of tls_create() and
 * tls_eap_create(), and the condition around application->destroy() are not
 * visible.
 */
static eap_ttls_t *eap_ttls_create(identification_t *server,
								   identification_t *peer, bool is_server,
								   tls_application_t *application)
	private_eap_ttls_t *this;
		/* public eap_method_t vtable, wired to the METHOD() bodies above */
		.initiate = _initiate,
		.get_type = _get_type,
		.is_mutual = _is_mutual,
		.get_identifier = _get_identifier,
		.set_identifier = _set_identifier,
	/* On the server, TLS-level authentication of the peer is only requested
	 * when explicitly enabled; the body of this branch is not visible here.
	 * Presumably it relaxes the peer identity handed to tls_create() below —
	 * confirm against the full source. */
	if (is_server && !lib->settings->get_bool(lib->settings,
								"charon.plugins.eap-ttls.request_peer_auth", FALSE))
	/* Fragment size and message count are handed to the tls_eap helper, which
	 * bounds the fragments one exchange may consume (see MAX_MESSAGE_COUNT). */
	frag_size = lib->settings->get_int(lib->settings,
					"charon.plugins.eap-ttls.fragment_size", MAX_FRAGMENT_LEN);
	max_msg_count = lib->settings->get_int(lib->settings,
					"charon.plugins.eap-ttls.max_message_count", MAX_MESSAGE_COUNT);
	/* from the setting name, presumably whether a TLS message length field is
	 * included in the EAP packets — TODO confirm */
	include_length = lib->settings->get_bool(lib->settings,
					"charon.plugins.eap-ttls.include_length", TRUE);
	tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_TTLS,
	this->tls_eap = tls_eap_create(EAP_TTLS, tls, frag_size, max_msg_count,
	/* the application is released here; the condition guarding this (and the
	 * release of this) is not visible in this listing */
	application->destroy(application);
	return &this->public;
/**
 * See header: construct the server-side EAP-TTLS method.
 *
 * The tls_application_t embedded in the object returned by
 * eap_ttls_server_create() is handed to eap_ttls_create(), which owns it from
 * then on (it destroys it on its failure path).
 *
 * NOTE(review): the braces of the body are not visible in this listing.
 */
eap_ttls_t *eap_ttls_create_server(identification_t *server,
								   identification_t *peer)
	return eap_ttls_create(server, peer, TRUE,
						   &eap_ttls_server_create(server, peer)->application);
/**
 * See header: construct the peer-side EAP-TTLS method.
 *
 * The tls_application_t embedded in the object returned by
 * eap_ttls_peer_create() is handed to eap_ttls_create(), which owns it from
 * then on (it destroys it on its failure path).
 *
 * NOTE(review): the braces of the body are not visible in this listing.
 */
eap_ttls_t *eap_ttls_create_peer(identification_t *server,
								 identification_t *peer)
	return eap_ttls_create(server, peer, FALSE,
						   &eap_ttls_peer_create(server, peer)->application);