Removed strayed code fragment
[strongswan.git] / src / charon / sa / authenticators / authenticator.c
index cdd3245..13586a2 100644 (file)
@@ -1,6 +1,6 @@
 /*
+ * Copyright (C) 2006-2009 Martin Willi
  * Copyright (C) 2008 Tobias Brunner
- * Copyright (C) 2006-2008 Martin Willi
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -12,8 +12,6 @@
  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
- *
- * $Id$
  */
 
 #include <string.h>
@@ -23,6 +21,7 @@
 #include <sa/authenticators/pubkey_authenticator.h>
 #include <sa/authenticators/psk_authenticator.h>
 #include <sa/authenticators/eap_authenticator.h>
+#include <encoding/payloads/auth_payload.h>
 
 
 ENUM_BEGIN(auth_method_names, AUTH_RSA, AUTH_DSS,
@@ -35,7 +34,8 @@ ENUM_NEXT(auth_method_names, AUTH_ECDSA_256, AUTH_ECDSA_521, AUTH_DSS,
        "ECDSA-521 signature");
 ENUM_END(auth_method_names, AUTH_ECDSA_521);
 
-ENUM(auth_class_names, AUTH_CLASS_PUBKEY, AUTH_CLASS_EAP,
+ENUM(auth_class_names, AUTH_CLASS_ANY, AUTH_CLASS_EAP,
+       "any",
        "public key",
        "pre-shared key",
        "EAP",
@@ -44,17 +44,23 @@ ENUM(auth_class_names, AUTH_CLASS_PUBKEY, AUTH_CLASS_EAP,
 /**
  * Described in header.
  */
-authenticator_t *authenticator_create_from_class(ike_sa_t *ike_sa,
-                                                                                                auth_class_t class)
+authenticator_t *authenticator_create_builder(ike_sa_t *ike_sa, auth_cfg_t *cfg,
+                                                                       chunk_t received_nonce, chunk_t sent_nonce,
+                                                                       chunk_t received_init, chunk_t sent_init)
 {
-       switch (class)
+       switch ((uintptr_t)cfg->get(cfg, AUTH_RULE_AUTH_CLASS))
        {
+               case AUTH_CLASS_ANY:
+                       /* defaults to PUBKEY */
                case AUTH_CLASS_PUBKEY:
-                       return (authenticator_t*)pubkey_authenticator_create(ike_sa);
+                       return (authenticator_t*)pubkey_authenticator_create_builder(ike_sa,
+                                                                                       received_nonce, sent_init);
                case AUTH_CLASS_PSK:
-                       return (authenticator_t*)psk_authenticator_create(ike_sa);
+                       return (authenticator_t*)psk_authenticator_create_builder(ike_sa,
+                                                                                       received_nonce, sent_init);
                case AUTH_CLASS_EAP:
-                       return (authenticator_t*)eap_authenticator_create(ike_sa);
+                       return (authenticator_t*)eap_authenticator_create_builder(ike_sa,
+                                               received_nonce, sent_nonce, received_init, sent_init);
                default:
                        return NULL;
        }
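Review bot: The `chunk_t` arguments handed to the pubkey and PSK builders (`received_nonce, sent_init`) all share one type, so a swapped pair would compile cleanly and only show up as an AUTH value computed over the wrong data; a short comment above the switch would make the intended pairing explicit, e.g. `/* builders cover the init message we sent and the nonce we received */`. Separately, `cfg->get(cfg, AUTH_RULE_AUTH_CLASS)` dereferences `cfg` without a NULL check, and an unset rule presumably comes back as a null value that, if `AUTH_CLASS_ANY` is 0, lands in the `AUTH_CLASS_ANY` case; if that is the intent, it is worth stating next to `/* defaults to PUBKEY */`. The `default:` branch returns NULL, so callers need to treat a NULL authenticator as a failed authentication rather than skip the step.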
@@ -63,19 +69,32 @@ authenticator_t *authenticator_create_from_class(ike_sa_t *ike_sa,
 /**
  * Described in header.
  */
-authenticator_t *authenticator_create_from_method(ike_sa_t *ike_sa,
-                                                                                                 auth_method_t method)
+authenticator_t *authenticator_create_verifier(
+                                                                       ike_sa_t *ike_sa, message_t *message,
+                                                                       chunk_t received_nonce, chunk_t sent_nonce,
+                                                                       chunk_t received_init, chunk_t sent_init)
 {
-       switch (method)
+       auth_payload_t *auth_payload;
+
+       auth_payload = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
+       if (auth_payload == NULL)
+       {
+               return (authenticator_t*)eap_authenticator_create_verifier(ike_sa,
+                                               received_nonce, sent_nonce, received_init, sent_init);
+       }
+       switch (auth_payload->get_auth_method(auth_payload))
        {
                case AUTH_RSA:
                case AUTH_ECDSA_256:
                case AUTH_ECDSA_384:
                case AUTH_ECDSA_521:
-                       return (authenticator_t*)pubkey_authenticator_create(ike_sa);
+                       return (authenticator_t*)pubkey_authenticator_create_verifier(ike_sa,
+                                                                                                       sent_nonce, received_init);
                case AUTH_PSK:
-                       return (authenticator_t*)psk_authenticator_create(ike_sa);
+                       return (authenticator_t*)psk_authenticator_create_verifier(ike_sa,
+                                                                                                       sent_nonce, received_init);
                default:
                        return NULL;
        }
 }
+
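Review bot: The verifier type is chosen entirely from what the peer sent: a message with no AUTH payload gets an EAP verifier, otherwise `get_auth_method()` selects pubkey or PSK, and unlike `authenticator_create_builder` this function takes no `auth_cfg_t`, so nothing here compares the peer's choice with the locally configured auth class. If that check lives in the caller, which is not visible in this hunk, a sentence in the function's documentation should say so, e.g. `/* method is selected by the peer; caller must verify it against the configured auth rules */`. The `default:` branch returns NULL for any other method (AUTH_DSS appears in `auth_method_names` but has no case here), and callers must treat that as an authentication failure.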